Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
It is currently unclear whether the company’s international operations, including Australia, have been impacted by the breach.
Major US sperm donation and cryopreservation firm California Cryobank (CCB) has confirmed a 2024 cyber incident that resulted in threat actors accessing customer data.
According to a notice sent to customers on 14 March 2025, CCB identified unauthorised activity on some of the computers on its network on 21 April 2024. It quickly locked down the devices from the network and launched an investigation.
The company said it has now completed its investigation and determined that unauthorised actors accessed its systems between 20 April and 22 April 2024 and may have exfiltrated data.
“As part of our ongoing review of the files, CCB determined that certain files that were potentially accessed and/or acquired as a result of the incident contain some of your information, including your name and one or more of the following: bank account and routing number, payment card number, and/or health insurance information,” said CCB in the customer notice.
The company, which is the largest sperm bank in the US and has operations in all 50 states as well as 30 countries, including Australia, has not disclosed how many people were affected, nor whether or not operations overseas have been impacted.
In Australia, CCB partners with Australian fertility clinic Monash IVF, which uses the US clinic to “bring quality donor sperm to Australian fertility patients”, according to the website.
Additionally, it is unclear whether or not sperm donor IDs have been compromised, which could result in a significant privacy concern for donors.
For context, most sperm is donated anonymously. When a recipient receives sperm, they are given the donor ID, which will allow the child to learn more about their biological father when they are 18.
However, if threat actors exfiltrated this information, it could be used to identify donors and commit fraud or to blackmail those who do not wish for their sperm donations to be public knowledge.
Cyber Daily has reached out to both Monash IVF and the outside counsel of CCB, Baker & Hostetler LLP, for more information.
Earlier this month, threat actors published data belonging to a major Australian IVF firm, Genea Fertility.
Two weeks after Genea revealed it was the victim of a major cyber attack, the Termite ransomware gang published the stolen data on its darknet leak site.
Prior to the publication, Genea said it was aware of claims made by Termite and that it was engaging in an active investigation into exactly what data had been impacted.
Now, Genea has said it is aware of the publication and that its investigation is ongoing.
“Genea can confirm that additional stolen data from our systems has been published on the dark web by the threat actor,” Genea said in a 4 March update to its incident advisory.
“Additionally, the cyber incident and the publication of Genea’s stolen data [have] been reported to the Australian Federal Police, and an investigation is underway.
“We are continuing to engage with the Office of the Australian Information Commissioner, the Australian Federal Police, the National Cyber Security Coordinator and the Australian Cyber Security Centre in relation to this incident.”
Cyber Daily can confirm Termite has published the dataset, but an injunction prevents us from saying anything more related to the content of the data breach. However, while Genea has previously said it cannot confirm the exact data impacted, it is likely to contain “full names, emails, addresses, phone numbers, Medicare card numbers, private health insurance details, Defence DA number, medical record numbers, patient numbers, date of birth, medical history, diagnoses and treatments, medications and prescriptions, patient health questionnaire, pathology and diagnostic test results, notes from doctors and specialists, appointment details and schedules, emergency contacts and next of kin”.
Termite claims to have about 700 gigabytes of data.
Be the first to hear the latest developments in the cyber industry.
