Genea cyber incident - latest update and support resources

UPDATED 27TH MAY 2025

UPDATE: 27TH MAY 2025

The following information is related to a cyber incident which impacted Genea and FertilitySA in February 2025.

Please click here to view our formal notification and previous updates to patients about the incident.

If you have any further questions or would like further information, please email cyber@genea.com.au. If you have any questions related to your health or medical treatment, please contact your doctor.

Our teams of specialists, nurses and office support staff continue to work hard to provide expert, personalised and world-class fertility care, which is of our utmost priority and importance.

What happened?

In mid-February 2025, we became aware of suspicious activity on our network. Following this, we promptly launched an investigation to determine the nature and scope of the activity. In the course of these investigations, Genea discovered that it had been impacted by a cyber security breach.

Our investigation identified that a subset of data from Genea’s network, which contained information about our patients, was accessed by a cyber criminal and published on the dark web. 

At this stage there is no evidence that any financial information such as credit card details or bank account numbers have been impacted by this incident. Please note that our investigation is ongoing, and we will keep you updated of any relevant further findings should they come to light.

How did we support patients?

We endeavoured to communicate with all current and former patients to explain what happened, what types of personal information relating to them may have been involved in the incident and identified clear steps patients can take to help ensure their information is protected.

We have offered patients the support of a specialist provider, IDCARE, Australia’s national identity and cyber support service. The IDCARE service also offers counselling services to potentially impacted patients. If you are a patient of Genea, please email cyber@genea.com.au to receive your dedicated Genea referral code.

Genea was also granted a court-ordered injunction to prevent any access, use, dissemination or publication of the impacted data by the threat actor and/or any third party who receives the stolen dataset. We obtained this injunction as part of our commitment to the protection of our patients, staff and partners’ information, and taking all reasonable steps in response to this incident to protect the impacted data and those most vulnerable. To learn more and for a copy of the injunction, click through to orders made on 25 February 2025, 25 March 2025, 28 April 2025 and 14 May 2025 extending the injunction and listing the matter for final hearing in relation to a permanent injunction.

 extending the injunction.

How have we improved our systems?

Since the incident, we have undertaken extensive remediation efforts and actions in line with our incident response process. This has involved further securing our networks in partnership with our cybersecurity partners and safely restoring our systems to ensure that we can continue to provide the very best care to our patients. 

Normal business operations have been restored and maintained for patients. No subsequent activity was detected after 14 February 2025. 

What patient records do we hold? 

Genea will continue to retain patient records in accordance with applicable healthcare regulations and other legal requirements that mandate retention. 

Who have we informed about the incident?

We have continued to engage with the Office of the Australian Information Commissioner, the Australian Federal Police, the National Office of Cyber Security and the Australian Cyber Security Centre in relation to this incident. We have also been in contact with relevant state departments about the incident.

What is happening now?

Genea is continuing its e-discovery (digital investigation) exercise to review and analyse the data that has been published on the dark web. This is a detailed and complex process which will take some time to complete to ensure we can clearly identify impacted individuals and the personal information relating to each of them.  

We anticipate that our digital investigation will be complete, and we will be able to share relevant findings with affected individuals in June 2025. We will provide an update if there is any delay to this timeframe. 

Additional recommendations for you

We acknowledge the importance that people place on their information, especially in this current environment. Here are some general steps you can also take to help protect your information:

1. Be extra careful about opening any suspicious emails, texts or phone calls, or any possible attempts to contact you from people or organisations you don’t know.  

2. Remain vigilant as to any other attempts that might relate to possible identity theft or fraud using your personal information.

3. If you have any questions about government-issued identity document information (such as your driver licence, Medicare card or passport), please contact the agency that issued the identity document for advice.

4. Visit the Australian Cyber Security Centre website or the ACCC’s Scamwatch for further information about online safety, cyber security and other helpful tips.

5. Read more information about protecting yourself from identity fraud here.

   
   

We thank our community for their patience and understanding during this cyber incident. We deeply regret that your personal information may have been accessed by reason of this incident and sincerely apologise for any concern this incident may have caused.