- Patients
- Security incident
Security incident
It has come to the attention of GenesisCare that a malicious email distribution has occurred, originating from a single GenesisCare email account which has been compromised. We understand that recipients of the email, as well as other individuals, may have some questions around the security incident.
Firstly, we would like to provide reassurance that we take all incidents seriously and a full investigation has commenced in order to ascertain the facts.
What has happened?
- A GenesisCare email account has been compromised
- An attacker has used the compromised email account to send a malicious email to around 5000 recipients
- The malicious email was sent on the 4th August 2025
Facts to be established
At this moment in time, we are seeking further details to confirm how this incident occurred and steps we can take to mitigate it. We will continue to reassess the level of harm to the recipients of the email, and any other data subjects, as the investigation progresses.
Next steps
There are some measures you can take to protect yourself from malicious activity:
- Do not click on links or download attachments from sources you do not trust
- Delete the malicious email which you have received
- Use strong, unique passwords for your accounts and change your passwords if you think you may have been compromised; and look out for phishing emails or fraudulent activity on your accounts
Updates to our investigation will be published on this page and we will consider any further notification requirements on an ongoing basis.
GenesisCare will be notifying the Information Commissioner’s Office of the incident.
If you have any particular concerns, please send them to dpo@genesiscare.co.uk
Thank you in advance for your patience whilst we conduct a comprehensive investigation.