Go to whole of WA Government search

Australian Red Cross blood donors beware

Australian Red Cross Blood donors beware

The Australian Red Cross Blood Service has announced that a file containing the names, addresses (physical and email) and dates of birth of 550,000 donors, registered between 2010 and 2016, have been exposed online.

According to the statement, IDCARE, a national identity and cyber support service, has made an assessment that there is low risk of future direct misuse of the information accessed. The Blood Service also advises that secure databases which contain more sensitive medical information have NOT been compromised.  

Watch a video of the CEO explaining more about the personal data breach.

If you’re affected you will probably have had a text message to let you know.

Info about what to do and frequently asked questions is here

Top tip: Install software to protect your computer or device from viruses, spyware, malicious or unwanted programs AND keep protection software up-to-date.

  • Alert yourself

 If your personal details, including your email address, is within the data that was exposed you cannot undo that. However, you could set up a Google alert for your name and email address to advise you when anything about you or the email account is posted online.  


  • Change your email address if possible

To be extra secure, you could make a new email address, send it to those you want to keep in contact with and abandon the old one. However, we realise this may not be possible if it is a work email address controlled by your employer.

WARNING: Future associated scams a possibility

Scammers capitalise on situations to try to get you to click before you think. Here's a hypothetical fake email example ...

To: potential victim

From: scammer pretending to be The Blood Service or an IT company that can assist


Your email address was exposed in the Australian Red Cross Blood Service data breach. Act now to protect yourself. www.scamlink.dontfallforit

It cannot be ruled out that scammers will inbox people whose email account details were, or were not, included the data just to try to trick them into clicking a link that installs malware or ransomware onto the computer or device.

Scammers may make claims via email about a person’s data being at risk and offer to help fix that problem. WA ScamNet recommends that you do not click any links or open any attachments within an email of this nature. See WA ScamNet’s previous ransomware warning.

In 2015 the hacking of data from website Ashley Madison and its sister site Established Men lead to email account holders being targeted in scams. Even people who were not on the leaked list received scam emails after the hack. Read more.

Page created: 28 October 2016