Genea in vitro fertilization provider reports cybersecurity incident

Genea, one of Australia's largest in vitro fertilization (IVF) providers operating 21 clinics across the country, is reporting a significant cybersecurity incident that potentially exposes sensitive data of thousands of families and expectant parents.

The report came after the discovery of suspicious activity on the company's network, which prompted urgent shutdown of various systems and servers. The incident was preceded by a phone outage affecting multiple Genea clinics five days prior to the incident report. 

The company has launched an investigation to determine the extent and nature of the data accessed, particularly focusing on any compromise of personal information.

The nature of the attack, number of affected individuals and the extent of compromised data, is not disclosed.

Update - as of 24th of February 2025, Genea reported that the exposed data includes:

• full names, addresses, 
• emails, 
• Medicare numbers, 
• medical history, 
• medication and prescriptions, 
• test results, 
• notes from doctors, 
• appointment schedules 
• emergency contact details.

As of 25th of February 2025, Genea obtained a court order to prevent cyber attackers or other third parties from accessing, using, disseminating or publishing the stolen data. Like that will help with the criminals, sure. In the meantime, the Termite ransomware group has claimed responsibility and has posted screenshots on the dark web.

Genea is working to maintain continuity of care for its patients. Current treatment schedules remain unchanged unless patients are directly contacted by their local clinic. The company has expressed sincere apologies for any concerns caused by the incident and emphasized their commitment to patient privacy and data security.