Genea Data Breach: Patient Data Leaked by Hackers

Data Breach at Genea: IVF Patient Information Potentially Exposed

A significant cybersecurity incident has impacted Genea, a leading fertility provider in Australia. Hackers are asserting they have released a substantial amount of confidential data pertaining to IVF patients.

Cyberattack and Data Publication

Genea initially reported a cybersecurity incident last week, indicating a potential compromise of sensitive patient information. CEO Tim Yeoh confirmed to TechCrunch that data extracted from their systems has now been publicly disseminated.

The Termite ransomware gang, responsible for a recent attack on Blue Yonder, a major supply chain software company, has claimed responsibility. They listed Genea on their dark web leak site, alleging the publication of patient data.

Details of the Compromised Data

TechCrunch has reviewed samples of the purportedly stolen data. These samples include sensitive medical records and government-issued identification documents.

Genea has secured a court injunction aimed at preventing any further access, use, or distribution of the compromised data by the threat actors or any receiving parties.

Breach Timeline and Data Extent

Court documents reveal the hackers initially breached Genea’s Citrix environment on January 31st. Approximately 940 GB of data was then extracted on February 14th.

Currently, the full scope of the data accessed remains unknown. Genea is actively investigating the specific nature and extent of the published information, according to Yeoh.

Specific Data Types Compromised

The breach affected Genea’s patient management system. This system contains a wide range of personal details, including:

• Patient contact information
• Medicare card numbers
• Health insurance details
• Medical histories
• Test results
• Medication information

As of now, there is no indication that financial data, such as credit card details or bank account numbers, was compromised.

Impact and Ongoing Response

The number of individuals affected by this breach is currently undetermined. Genea is in communication with both current and former patients.

Genea is focused on restoring its systems securely following the cyberattack. However, the company has not yet confirmed whether patient services are still experiencing disruptions.

Reports from ABC News indicate that the MyGenea app, used for cycle tracking and viewing fertility data, was temporarily taken offline as a direct result of this incident.