Genea IVF Cyberattack: Data Breach Confirmed

Genea IVF Provider Reports Cybersecurity Breach

A significant cybersecurity incident has been reported by Genea, a leading IVF provider in Australia. This incident has resulted in disruptions to patient services and potential unauthorized access to sensitive data.

Incident Confirmation and Initial Response

Genea, operating 21 clinics nationwide and ranking among Australia’s three largest IVF providers, publicly acknowledged the incident via a statement released on its website on Wednesday.

Reports from Australia’s ABC national broadcaster indicate that Genea’s disclosure followed inquiries from ABC journalists regarding the cyberattack. Subsequently, Genea engaged Porter Novelli, a public relations firm specializing in cybersecurity incident and data breach management.

Statement from Genea CEO

Tim Yeoh, Genea’s CEO, confirmed the ongoing investigation into the cybersecurity incident in a statement provided to TechCrunch through Porter Novelli.

“Immediate action was taken to contain the incident and reinforce the security of our systems upon detection,” Yeoh stated. “We are dedicated to minimizing any disruption to the treatment our patients are receiving.”

Data Access and Scope of Breach

Genea’s public statement confirms that an unauthorized party gained access to Genea’s data. However, a company spokesperson refrained from specifying the types of data compromised when questioned by TechCrunch.

Service Disruptions

Prior to formally confirming the cyberattack, Genea informed customers on February 13th about outages affecting its phone lines, as evidenced by a post on the company’s Instagram page reviewed by TechCrunch.

The incident also necessitated the temporary suspension of the MyGenea app, a platform used by patients to monitor their cycles and access fertility data, according to ABC reports.

Types of Patient Data Collected

Genea’s website details the collection of highly sensitive patient information, encompassing medical, nursing, and scientific data, alongside details of procedures and tests performed both at Genea facilities and elsewhere.

Currently, it remains undetermined whether patients’ confidential medical records were accessed or extracted during the breach.

Ongoing Investigation and Patient Notification

“Our investigation is currently in progress,” Yeoh communicated to TechCrunch. “We will promptly notify any individuals affected should our investigation reveal evidence of compromised personal information, in accordance with our legal and regulatory duties.”

This article has been updated to include a statement from Genea CEO Tim Yeoh.