I've been having medical treatment by a company acting for the NHS.
I received an email, purportedly, from this company with a link sending me to an unsecured website which requested my email password in order to receive the message - I declined.
I replied stating my reason.
I then received a further email (into my spam) from another address in reply, again with a link which I haven't opened.
I've contacted the company, but have only received promises they're looking into the matter. I've little faith, as they've proved their admin has been less than efficient in the past.
I believe the company have had their records compromised, revealing email addresses of clients at the very least.
Suggestions as to what I should do next? Nothing, just wait and see? Information Commissioners office? Police?
|