Hackers claim to have published a trove of sensitive data belonging to IVF patients after a cyberattack on Genea, one of Australia’s largest fertility providers.
Genea said last week that it had experienced a cybersecurity incident that led to sensitive patient information potentially being compromised. In a statement given to TechCrunch on Wednesday, Genea CEO Tim Yeoh said the company had since identified that “data taken from our systems has been published externally.”
This statement came after the Termite ransomware gang, which recently took credit for an attack on supply chain software giant Blue Yonder, listed Genea on its dark web leak site, where it claimed to have published sensitive patient data.
Samples of the allegedly stolen data, seen by TechCrunch, appear to show government-issued identification documents and sensitive medical records.
In an updated statement, Genea said it was granted a court injunction on Wednesday to “prevent any access, use, dissemination or publication of the impacted data by the threat actor and/or any third party who receives the stolen dataset.”
The court order, seen by TechCrunch, reveals that the hackers breached Genea’s Citrix environment on 31 January before extracting approximately 940 GB of data on February 14.
Genea said it currently does not know what data was accessed, and Yeoh told TechCrunch that the company is “urgently investigating the nature and extent of the data that has been published.”
However, Genea did note that hackers had compromised its patient management system, which contains information such as patients’ contact details, Medicare card numbers, health insurance details, medical histories, test results, and medications.
Genea said there was currently no evidence that patients’ financial information, such as credit card details or bank account numbers, had been compromised.
It’s not known how many individuals may have been impacted by the breach, but Genea said it is communicating with both current and former patients.
In its updated statement, Genea said it is working to “securely restore” its systems following the cyberattack, but it did not say whether the incident continues to disrupt patient services. ABC News reported last week that the company’s MyGenea app, which enables patients to track their cycle and view fertility data, was taken offline as a result of the incident.
