Australian IVF Clinic Genea ‘Urgently Investigating’ Hacker Attack

Australian IVF clinic Genea is “urgently investigating” a cyber incident after hackers broke into its servers to access data.

Almost a week into a strange phone outage signaled by customers, Genea this week finally confirmed it is dealing with a cyber intrusion.

Visitors of genea.com.au are greeted by a “cyber incident” notice saying the clinic is working to recover from a hacker attack.

‘Suspicious activity on our network’

“Genea is urgently investigating a cyber incident after identifying suspicious activity on our network,” reads the notice. “As soon as we detected the incident, we took immediate steps to contain the incident and secure our systems.”

Data breach notice | Source: Genea

“Out of an abundance of caution, this included taking some of our systems and servers offline while we investigated the incident. These are now being restored while we continue our investigation,” the clinic says.

As reported by ABC News, customers are understandably worried as IVF treatments can cost tens of thousands of dollars, and timing is critical to achieve good results. In addition, IVF clinics collect troves of personal and medical information from their customers.

‘Unauthorized access’

Genea, one of Australia's three largest in vitro fertilization services, reveals that whoever hacked its IT network likely made off with some of the data stored on its servers.

“Our ongoing investigation has identified that an unauthorised third party has accessed Genea data,” the breach notice continues. “We are urgently investigating the nature and extent of data that has been accessed and the extent to which it contains personal information.”

Patients relying on the company’s mobile app MyGenea to track their cycle and view fertility data are also complaining of outages.

Genea assures patients that it knows full well “the importance that people place on their information, especially in this current environment.”

“We are committed to keeping you updated as we learn more,” adds the notice. “We are working hard to ensure that there is minimal disruption to treatment being provided to our patients. If you do not hear from your local Genea clinic, there is no change to your current treatment schedule.”

Ransomware maybe?

The wording suggests the company is still struggling to make sense of what appears to be a major incident as it works to appease frustrated customers.

While Genea doesn’t suggest in any way that it may have run into ransomware, the telltale signs are there: phone outages, app outages, unanswered emails, and an “urgent” data breach notice indicating a dire need for full disclosure.

The company is commendably very transparent about the situation, pledging to communicate with affected individuals if the investigation “identifies any evidence that their personal information has been impacted.”

Anyone affected by a data breach should consider a data monitoring service. Bitdefender Digital Identity Protection lets you find out if your data has leaked online, what type of information was compromised, what risks you face, and whether your information is up for sale on the dark web.