Recent unauthorised activity targeting the email system of Monash IVF

What has happened?

Monash IVF is aware that a number of our patients have received scam emails pretending to be from Monash IVF, but which we did not send.

While scammers appear to have accessed some emails, email addresses and address books, independent IT forensic experts have confirmed that our confidential patient database has not been compromised and remains safe and secure.

This confidential patient database is stored on a separate computer system that has been entirely unaffected by scammer activity. If these facts change in a way that might affect you, we will communicate with those involved.

What has Monash IVF done?

Monash IVF understands the significance of keeping our patients’ data confidential, which is why we place the utmost importance on our cyber security measures.

Since we became aware of the attack we have:

  • applied all ACSC recommendations
  • bolstered our firewall and security to continuously monitor and protect our confidential patient database
  • engaged an IT forensic expert to investigate the source and nature of the attacks
  • engaged with the Office of the Australian Information Commissioner (OAIC) and other relevant industry regulatory bodies as a precautionary measure.

What you need to do

Legitimate emails from Monash IVF will show the email address or You need to check not just the name in the sender field but the actual email address behind it. If the email shows a domain other than or, then it may not be a legitimate email. If you receive an email like this, you may wish to block the sender.

We strongly recommend you do not open any attachments or click on any links within the email, as those attachments may contain content that is fraudulent or which could damage your computer or mobile device. We also recommend ensuring your antivirus software is up to date and running.

Need more Information?

If you have any further questions please contact us on 1800 731 438 or email us at

  • This field is for validation purposes and should be left unchanged.
  • This field is for validation purposes and should be left unchanged.