Genea, one of Australia’s largest fertility services providers, disclosed that unknown attackers breached its network and accessed data stored on compromised systems.
Genea issued a statement on Wednesday, saying it’s “urgently investigating a cyber incident” after detecting “suspicious activity” on its network.
“Our ongoing investigation has identified that an unauthorised third party has accessed Genea data. We are urgently investigating the nature and extent of data that has been accessed and the extent to which it contains personal information,” the company revealed. “We will communicate with relevant individuals if our investigation identifies any evidence that their personal information has been impacted.”
Genea added that it’s working on restoring servers that were taken down to contain the breach and secure the company’s systems.
Although it did not disclose whether this attack had disrupted its operations in any way, the company told patients that they would be notified of any changes to their treatment schedule.
“We sincerely apologise for any concern this incident may cause and want to reassure patients that we take your privacy and the security of your data very seriously,” Genea stated. “We also want to reassure you that our teams of specialists, nurses and office support staff are working tirelessly to ensure that there is minimal disruption to your treatment, which is of our utmost priority and importance.”
While the company has yet to reveal when the breach was detected or whether patients’ personal and health information was exposed, Genea’s breach confirmation comes five days after a phone outage impacted the group’s fertility clinics.
In replies to the phone outage announcement, patients also revealed that the company’s MyGenea app was also down.
The IVF provider (founded in 1986 and initially called Sydney IVF) offers various services, including fertility treatments, tests, genetic services, preservation options, and donor programs in 22 fertility clinics across New South Wales, South Australia, Western Australia, Melbourne, Canberra, and Queensland.
According to Australia’s national broadcaster, who first reported the incident, Genea and two other companies (Monash IVF and Virtus) account for over 80% of the industry’s total revenue in the country.
A Genea spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today
