Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Major Australian fertility clinic Genea IVF has confirmed that threat actors accessed its systems and that patient data was accessed.
Last week, Genea Fertility revealed that on 14 February, it discovered suspicious activity on its network and that some of its systems have been disabled to contain the breach.
“Genea is urgently investigating a cyber incident after identifying suspicious activity on our network. As soon as we detected the incident, we took immediate steps to contain the incident and secure our systems,” the statement said.
“Out of an abundance of caution, this included taking some of our systems and servers offline while we investigated the incident. These are now being restored while we continue our investigation.”
Now, in an update to the company’s website, Genea has revealed that during its investigation, it believes that personal data in its patient management system was accessed and stolen by threat actors.
While the firm has not been able to confirm exactly what data was stolen, it said the data might include “full names, emails, addresses, phone numbers, Medicare card numbers, private health insurance details, Defence DA number, medical record numbers, patient numbers, date of birth, medical history, diagnoses and treatments, medications and prescriptions, patient health questionnaire, pathology and diagnostic test results, notes from doctors and specialists, appointment details and schedules, emergency contacts and next of kin”.
Genea added that at this stage, there is nothing to indicate that any financial data such as bank account information or credit card data had been exfiltrated but that its investigation is ongoing.
“We have notified the Office of the Australian Information Commissioner and the Australian Cyber Security Centre of the incident. We are meeting with the National Office of Cyber Security, the Australian Cyber Security Centre and other government departments to discuss the incident with them,” it said.
Genea CEO Tim Yeoh has also been informing its patients of the breach via email, revealing what data may have been stolen.
At this stage, the threat actor behind the breach is still unknown.
Following last week’s announcement, concerned customers of the clinic took to Instagram to express their anxiety regarding the breach, with some concerned that their treatment would be impacted.
IVF treatment is expensive and requires specific timing. According to Genea, IVF treatment can cost between $12,395 and $13,095 per cycle, depending on the type of treatment.
Additionally, missed medication, egg retrieval, blood tests, and implanted embryos can result in an unsuccessful treatment.
“Hey I’ve tried contacting my clinic in Orange via the email above, and they still haven’t got back to me, my medication runs out on Thursday, sort of a desperate situation,” said one concerned Genea customer.
Another said: “App still down. Need my blood slip. No answer on emails. Hope this delay doesn’t affect my treatment plan.”
Genea Fertility responded to the customers, asking them to respond to direct messages so that they could be contacted by a nurse regarding their treatment.
Be the first to hear the latest developments in the cyber industry.
