Dear Colleague

I am writing to inform you of a recent data security issue at the Australian Red Cross Lifeblood which allowed a back-up copy of an online enquiry database to be accessed by an unauthorised person.

On 26 October the Blood Service became aware that a file containing donor information was placed in an insecure environment by a third party that develops and maintains the Blood Service’s website. This file contained registration information of 550,000 donors made between 2010 and 2016.  The file was part of an online application to give blood and information such as names, addresses, dates of birth and some personal details are included in the questionnaire. A copy of our media statement is attached.

This situation will not directly impact blood inventory.  However public confidence in the Blood Service could indirectly impact blood supplies in the longer term.  We are assuring the public we are doing everything in our power to not only right this issue but to prevent it from happening again.

We are deeply disappointed this could happen. We take full responsibility and are endeavouring to contact all donors and inform them of the potential breach.

We are currently in a strong inventory position and inventory will continue to be monitored very closely. However, preparations have been made in case there is a need to activate the National Blood Contingency Supply Plan.

Please continue to refer to the National Inventory Template (NIT) for any inventory restrictions which is emailed to your laboratory daily.

For more information on the data security issue please refer to our donor connect website info.donateblood.com.au

We will continue to monitor the situation daily and will let you know of any updates. Please do not hesitate to contact your local Customer Service Delivery team for any queries.

Yours sincerely

Greg Wilkie

Executive Director Manufacturing

Australian Red Cross Lifeblood