1. Public Knowledge Base
  2. SPAM Email Issue 25 Aug 2024

Press Release: Power Diary Addresses Unauthorized Email Activity

FOR IMMEDIATE RELEASE: 25th August, 2024

[Melbourne, Victoria, 25th August 2024] — Power Diary, a leading provider of practice management solutions, today announced that it has identified and addressed a SPAM incident related to its email-sending system. The incident was not a breach of the company’s core systems, but involved an unauthorized party triggering the sending of emails using the platform’s communication template feature. 

The company’s investigation confirms that no personal data was exposed during this incident. The unauthorized party was able to send emails that appeared to come from healthcare practices, but they did not have access to any personal information of patients or healthcare providers.

Paul Adler, Co-founder and Chief Technology Officer, commented; 

“Our priority is the security and trust of our customers and their patients. While the unauthorized party was able to trigger emails being sent, they were not able to access any personal data. Our safeguards worked to protect sensitive information from malicious actors.” 

The content of these emails mentioned winning an NFT and cryptocurrency award, and encouraged clicking on a link to claim a fake prize - fairly typical of low-level spam emails that attempt to convince users to click on links and share their details.

To help clarify the nature of the incident, Damien Adler, Co-founder and Head of Customer Success, explained; 

“Think of it like a mail merge process. The unauthorized party could create the content of the email, but they couldn’t see any details of the recipients or the personal information that was automatically added by our system. They wouldn't know who the emails were sent to, or what automatic merge-field data (such as first name) was included.”

The company has a dedicated investigation team that has secured the relevant communication endpoint and is continuing to monitor and assess the situation. Additionally, Power Diary is taking further steps to increase the security of its email systems to prevent similar incidents in the future. 

“We take this incident seriously and are committed to transparency with our customers,” added Paul Adler. “We’ve already communicated directly with affected customers and are providing ongoing updates as we strengthen our security measures.”

Power Diary will continue to provide further updates as necessary and remains committed to maintaining the highest standards of data protection and security.


About Power Diary
Power Diary is a leading provider of practice management solutions, serving healthcare practices across Australia, UK, US, Canada, Ireland and other countries. Our platform is designed to help practices streamline their operations, enhance patient care, and reduce the administration involved in running a healthcare practice.

For more information, please contact:

Fiona Harrington
Head of Strategy, Marketing and Growth
Power Diary
connect@powerdiary.com