Major Australian IVF provider investigating cyber incident

Australian fertility services provider Genea is investigating a potential data breach after detecting suspicious activity on its network.

The company confirmed on Wednesday that an unauthorized third party had accessed its systems but said it was still determining whether personal information had been compromised. It did not specify the nature of the cyberattack or the identity of those responsible.

Genea, which operates multiple clinics across Australia, said it had taken some systems and servers offline as a precaution and was working to restore them while the investigation continued.

“We acknowledge the importance that people place on their information, especially in this current environment. We are committed to keeping you updated as we learn more,” the company said in a statement, adding that it was working to minimize disruption to patient treatments.

“If you do not hear from your local Genea clinic, there is no change to your current treatment schedule.”.

Some patients expressed frustration over a lack of communication from Genea regarding the breach to ABC News, which reported that people had struggled to reach the company for urgent clinical inquiries, while at least one patient said delays in communication prevented their fertility testing from being completed this month.

The company’s app, which allows patients to track their fertility cycles and access medical data, was also unavailable following the incident, reports said.

The cyber incident comes a week after Genea experienced a phone outage at several clinic branches. The company has not disclosed whether the outage was linked to the cyberattack and did not respond to a request for comment from Recorded Future News.

Healthcare providers are frequent targets for cybercriminals, with attacks on medical services disrupting operations, delaying procedures, and exposing sensitive patient data.

A ransomware attack last year on a major U.S. blood donation organization hampered its ability to supply hospitals, while a recent attack on one of the country’s largest independent blood centers forced officials to reschedule blood drives.

The United Kingdom also saw significant disruptions in 2023 after ransomware hackers targeted a major pathology services provider for hospitals and clinics.

On Thursday, one of the largest independent community healthcare providers in the U.K. said it was investigating a cybersecurity incident after a ransomware group claimed to have breached its systems and stolen sensitive data.

Editor's Note: Genea responded February 21 with the following statement:

“We have since engaged cyber experts to assist us with our response and investigation and we are liaising with the Australian Cyber Security Centre.

Our investigation is ongoing and we will communicate with any affected individuals if our investigation identifies any evidence that their personal information has been impacted, consistent with our legal and regulatory obligations”