Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Australian fertility clinic Genea confirms that patient data stolen by hackers has been published on the darknet, as an AFP investigation is underway.
Two weeks after an Australian fertility clinic revealed it was the victim of a major cyber attack, a ransomware gang has published the stolen data on its darknet leak site.
The Termite ransomware gang claimed to be behind the attack last month when it listed Genea as a victim on its leak site.
At the time, Genea said it was aware of the claims and that it was engaging in an active investigation into exactly what data had been impacted.
Now, Genea has said it is aware of the publication and that its investigation is ongoing.
“Genea can confirm that additional stolen data from our systems has been published on the dark web by the threat actor,” Genea said in a 4 March update to its incident advisory.
“Additionally, the cyber incident and the publication of Genea’s stolen data [have] been reported to the Australian Federal Police, and an investigation is underway.
“We are continuing to engage with the Office of the Australian Information Commissioner, the Australian Federal Police, the National Cyber Security Coordinator and the Australian Cyber Security Centre in relation to this incident.”
Cyber Daily can confirm Termite has published the dataset, but an injunction prevents us from saying anything more related to the content of the data breach. However, while Genea has previously said it cannot confirm the exact data impacted, it is likely to contain “full names, emails, addresses, phone numbers, Medicare card numbers, private health insurance details, Defence DA number, medical record numbers, patient numbers, date of birth, medical history, diagnoses and treatments, medications and prescriptions, patient health questionnaire, pathology and diagnostic test results, notes from doctors and specialists, appointment details and schedules, emergency contacts and next of kin”.
Termite claims to have about 700 gigabytes of data.
Genea said in its most recent update that it was “continuing to engage with the Office of the Australian Information Commissioner, the Australian Federal Police, the National Cyber Security Coordinator and the Australian Cyber Security Centre in relation to this incident.”
Lieutenant General Michelle McGuinness, Australia’s national cyber security coordinator, said in a post on X that the incident “has been incredibly distressing for those who have been impacted”.
“We are working across the Australian government, and with Genea, to respond to the incident, so they can provide victims with the support and resources they need,” LTGEN McGuinness said.
The impact of healthcare breaches
Speaking to Cyber Daily, Matt Green, principal threat analyst at Rapid7, said that medical data such as that exposed by the Genea breach could be exploited by malicious actors in multiple ways.
“Unlike financial data, which has a limited shelf life because it is relatively easy to change, leaked medical records are permanent and therefore hold long-term value,” Green said.
“Medical records from specialised clinics, such as IVF, are highly prized by cyber criminals for their mix of medical and personal data. This data can fuel targeted scams, such as tailored phishing emails or identity theft, and supports direct extortion by threatening to expose sensitive conditions, exploiting victims’ emotions and finances.
“Often linked to patients perceived as affluent due to costly treatments, these records can fetch high prices on the black market, making them a lucrative target over more generic breaches.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
