Genea, a major Australian provider of IVF services, has revealed a cybersecurity breach that has interrupted its services and resulted in potential access to sensitive data.
The company, which operates 21 clinics across Australia and is one of the country’s three largest IVF providers, verified the incident through a statement posted on its website on Wednesday.
According to the Australian Broadcasting Corporation (ABC), Genea disclosed the incident after inquiries from ABC reporters regarding the cyberattack. The ABC reported that following their inquiry, Genea hired Porter Novelli, a public relations company specialising in cyberattack and data breach response.
Lauren Clancy, representing Genea through Porter Novelli, stated that the company is “urgently investigating” the cybersecurity incident.
“As soon as we detected the incident, we took immediate steps to contain the incident and secure our systems. We are working hard to ensure that there is minimal disruption to treatment being provided to our patients,” she added.
Genea informed its customers on February 13 about phone line outages before confirming the cyberattack, according to an Instagram post.
The ABC also reported that the company’s MyGenea app, which allows patients to monitor their cycles and view fertility data, was also taken offline because of the incident.
Genea’s website states that it collects highly sensitive patient health information, including medical, nursing, and scientific details, as well as information on procedures and tests conducted at Genea or other facilities. It remains unclear whether sensitive medical data was accessed or stolen.
“Our investigation is ongoing and we will communicate with any affected individuals if our investigation identifies any evidence that their personal information has been impacted, consistent with our legal and regulatory obligations.”