Around 1,700 patients potentially had their medical records exposed by cybercriminals.
Join the Claim isn’t a law firm. We connect you with regulated UK firms that run group action claims. If one of our partner firms takes this case forward, we’ll share more details, including how to check your eligibility.
Join the Claim Limited is a claims management company. This claim is not regulated by the Financial Conduct Authority. Join the Claim Limited is authorised and regulated by the FCA (FRN: 1053404) for regulated claims management activities only.
Register your interest
Overview
In late 2021, the Lister Fertility Clinic experienced a data breach. In total, around 1,700 patients potentially had their medical records exposed by cybercrininals. The breach happened when Stor-a-File Limited, a company used by the clinic had its IT systems hacked.
Sensitive patient data, including full names, dates of birth, copies of passports, medical histories, scanned test results and fertility treatment records were said to be exposed in this shocking data privacy violation.
To make matters worse, some of the data stolen from Stor-a-File was later published on the dark web. While it does not look like medical records were included in the dark web info dump, there are no guarantees about what has – and might still be done with the information.
We are monitoring the situation closely. Register your interest and we’ll keep you updated if one of our regulated UK partner law firms is able to take this claim forward.
Lister Fertility Clinic – At a glance
What do we know about the Lister Fertility Clinic data breach?
How Join the Claim works
Take a moment to answer a few simple questions so we can understand your connection and keep you updated.
Share your details so we can keep you informed if any updates become available.
If a partner law firm takes this claim forward, we’ll let you know the next steps and how to join.
Latest updates on the Lister Fertility Clinic data breach
February 2025
Join the Claim began raising awareness of this data breach.
December 2021
The Lister Fertility Clinic provided an update to affected patients, confirming that copies of scanned laboratory records, including full names, hospital numbers, dates of birth, test results, and details of partners, were exposed during the breach. The clinic acknowledged some of the data stolen in the hack had been found on the dark web.
November 2021
Reports emerged that the cybercriminal group had demanded a £3 million ransom in Bitcoin. Upon Stor-a-File's refusal to pay, the attackers released tens of thousands of files onto the dark web.
October 2021
Stor-a-File informed the Lister Fertility Clinic about the cyber-attack and the potential compromise of patient data. Following this notification, the clinic sent letters to approximately 1,700 affected patients, informing them of the breach.
August 2021
Stor-a-File Limited's IT systems were infiltrated by a ransomware cyber-attack group known as Cl0p.
We’ll provide more updates on this case as they occur.
Who could be affected by the Lister Fertility Clinic Data Breach?
If you are a Lister Fertility Clinic patient, your data might have been breached. Register to stay updated, and we’ll let you know if a partner law firm takes this claim forward.
Lister Fertility Clinic data breach FAQs
In August 2021, the Lister Fertility Clinic was affected by a ransomware attack on its third-party document management provider, Stor-a-File Limited. A cybercriminal group known as Cl0p exploited vulnerabilities in Stor-a-File’s system, gaining unauthorised access to sensitive patient records. When Stor-a-File refused to pay the ransom, the hackers leaked thousands of files on the dark web.
Ransomware is a type of cyberattack where hackers encrypt or steal data and demand a ransom for its return. In this case, the Cl0p cybercriminal group targeted Stor-a-File Limited, the third-party provider responsible for storing patient records for the Lister Fertility Clinic. When the ransom demand was not met, the hackers leaked thousands of confidential documents online.
The breach was caused by a cyberattack on Stor-a-File Limited, the third-party provider managing patient records. However, under data protection laws, the Lister Fertility Clinic remains responsible for ensuring that patient data is stored securely.
Upon learning of the breach, the Lister Fertility Clinic:
However, the breach had already caused damage, with personal data leaked online.
If you received a letter from the Lister Fertility Clinic in October 2021, your data was likely included in the breach. If you did not receive a letter but are concerned, you can contact the clinic for clarification.
We are not a law firm. Our role is to keep people informed about potential group actions if one of our regulated UK partner law firms is able to take this claim forward. Accordion Content
No. Registering simply means you’ll receive updates. If a law firm later takes on the case, you’ll be given the option to learn more about the process and any potential costs before deciding whether to take part.
A group action claim allows people affected by the same issue to take action together. This strength in numbers helps stand up to big organisations. Join the Claim helps connect people with law firms so these actions have a real impact.
Latest Lister Fertility Clinic data breach news
We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.
Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.
Join the Claim is a trading name of Join the Claim Limited, authorised and regulated by the Financial Conduct Authority (FRN: 1053404). Registered in England and Wales, Company No: 16245278. Registered office: 32 Eyre Street, Sheffield, S1 4QZ.
© Join the Claim All Rights Reserved |
