Genea, a prominent IVF provider in Australia, is currently investigating a cyberattack that occurred on February 14, which exposed the personal medical information of thousands of patients. The extent of the breach is still unclear; however, Genea reassured patients that there is no evidence of compromised financial information, such as credit card or bank account details.
In an email to patients, Genea disclosed that its patient management systems were accessed by an unauthorised party, which obtained a range of sensitive information, including full names, addresses, email addresses, Medicare numbers, medical histories, prescriptions, test results, doctors’ notes, appointment schedules, and emergency contact information.
While the investigation is ongoing, Genea acknowledged that the attacker likely accessed and potentially removed personal data. They have committed to providing updates as they learn more about the incident. The clinic has also offered free specialist support to those affected by the breach and expressed its commitment to restoring systems swiftly to minimise disruption to patient care.
Genea’s technology team is working diligently to secure the systems and address the ramifications of this incident. They urged patients to remain vigilant regarding communications and to verify the authenticity of any messages received.
Moreover, Genea has reported the incident to the Office of the Australian Information Commissioner and the Australian Cyber Security Centre. A meeting with the National Office of Cyber Security is planned to discuss the situation further.
As one of Australia’s three largest IVF providers, Genea serves thousands of patients across the country, making the seriousness of this breach all the more significant.