Major IVF provider Genea suffers cyber incident Information Age ACS
p
I agree to receive Information Age
pp
I declare that I have read understood and agree to the
ACS Privacy Policy
and consent to my personal information being collected held and processed for the purposes outlined in that policy
ppThanks for signing upppSorry there was an error with your requestpp
By David Braue on Feb 20 2025 1254 PM
pp
Print article
ppMajor Australian in vitro fertilisation IVF provider Genea is working to reassure distressed patients after confirming that an unauthorised third party has accessed its data in a breach whose scope is still becoming clearppA nationwide provider of IVF services that is among Australias largest the firm said in an update that it had detected suspicious activity on its network and had shut down some systems and servers while it investigated to find out what data and systems were breachedppPhone lines were down Geneas app was offline and emails were going unanswered the ABC reported in quoting frustrated patients who rely on the clinics data processing systems to manage critical blood test data that sets the timing of their 12000 IVF treatment cyclesppPatients fear the disruptions from what Genea termed a cyber incident could not only put sensitive personal and medical information into cybercriminals hands but compromise the efficacy of their treatment cyclesppWe want to reassure patients that we take your privacy and the security of your data very seriously Genea said in committing to contacting affected individuals directly if their investigation identifies any evidence that their personal information has been impactedppFor patients that have not been directly notified by their local clinic Genea advises that there is no change to your current treatment schedule ensuring that there is minimal disruption to your treatment is of our utmost priority and importanceppGenea along with rival firms Monash IVF and Virtus is said to account for over 80 per cent of the projected 810 million in revenues the IVF industry will generate this year as it contributes to the birth of nearly one in 20 Australian babiesppThe company isnt the first IVF provider to be targeted by cyber criminals with Monash IVF suffering a malicious cyber attack in 2019 that saw its patients targeted by scammers who used stolen data to try to trick its clients into opening malicious email attachmentsppClients of Genea should be on the lookout for similar scams with the Australian Cyber Security Centre ACSC advising caution after any data breach and telling victims to be ready to act if their data turns out to have been compromisedppThe sensitivity of IVFrelated data was evident last year after Monash IVF settled a 56 million class action after it destroyed the embryos of more than 700 patients based on incorrect datappThe personal nature of healthcare data has made it the most frequently attacked industry sector with financial and risk advisory firm Kroll recently reporting that healthcare breaches comprised 23 per cent of all breaches last year up from 18 per cent the year beforeppThis included the breach of Change Healthcare which was last year hit by ransomware that crippled the US healthcare system for weeks with recent revelations that the incident caused by a lack of multifactor authentication MFA affected 190 million peopleppWe are moving into a new era in which our expectations of entities are higher Australian Privacy Commissioner Karly Kind wrote as Office of the Australian Information Commissioner OAIC statistics confirmed that healthcare firms account for 1 in 5 Australian data breachesppHealth service providers reported 102 breaches during the first half of 2024 the OAIC said nearly twice as many as were reported by Australian government bodies and as many as were reported by financial services bodies and education providers combinedppRecent enforcement action against firms like Australian Clinical Labs which was sued in 2023 after the OAIC alleged it had failed to take reasonable steps to protect clients personal information from unauthorised access or disclosure reflected growing impatience with poor securityppWith 189 data breaches involving healthcare data during the first half of 2024 Kind said that such action should send a strong message that keeping personal information secure and meeting the requirements of the NDB scheme must be prioritiesppDavid Braue is an awardwinning technology journalist who has covered Australias technology industry since 1995 A lifelong technophile he has written and edited content for a broad range of audiences across myriad consumer and business topics with a particular focus on managing the intersection of technological innovation and business transformation He has twice won Best IT Journalist at the Australian IT Journalism awards and was named Best Technology Journalist at the 2024 Australian Technologies Competitionp
I agree to receive Information Age
pp
I declare that I have read understood and agree to the
ACS Privacy Policy
and consent to my personal information being collected held and processed for the purposes outlined in that policy
ppThanks for signing upppSorry there was an error with your requestpp
By David Braue on Feb 20 2025 1254 PM
pp
Print article
ppMajor Australian in vitro fertilisation IVF provider Genea is working to reassure distressed patients after confirming that an unauthorised third party has accessed its data in a breach whose scope is still becoming clearppA nationwide provider of IVF services that is among Australias largest the firm said in an update that it had detected suspicious activity on its network and had shut down some systems and servers while it investigated to find out what data and systems were breachedppPhone lines were down Geneas app was offline and emails were going unanswered the ABC reported in quoting frustrated patients who rely on the clinics data processing systems to manage critical blood test data that sets the timing of their 12000 IVF treatment cyclesppPatients fear the disruptions from what Genea termed a cyber incident could not only put sensitive personal and medical information into cybercriminals hands but compromise the efficacy of their treatment cyclesppWe want to reassure patients that we take your privacy and the security of your data very seriously Genea said in committing to contacting affected individuals directly if their investigation identifies any evidence that their personal information has been impactedppFor patients that have not been directly notified by their local clinic Genea advises that there is no change to your current treatment schedule ensuring that there is minimal disruption to your treatment is of our utmost priority and importanceppGenea along with rival firms Monash IVF and Virtus is said to account for over 80 per cent of the projected 810 million in revenues the IVF industry will generate this year as it contributes to the birth of nearly one in 20 Australian babiesppThe company isnt the first IVF provider to be targeted by cyber criminals with Monash IVF suffering a malicious cyber attack in 2019 that saw its patients targeted by scammers who used stolen data to try to trick its clients into opening malicious email attachmentsppClients of Genea should be on the lookout for similar scams with the Australian Cyber Security Centre ACSC advising caution after any data breach and telling victims to be ready to act if their data turns out to have been compromisedppThe sensitivity of IVFrelated data was evident last year after Monash IVF settled a 56 million class action after it destroyed the embryos of more than 700 patients based on incorrect datappThe personal nature of healthcare data has made it the most frequently attacked industry sector with financial and risk advisory firm Kroll recently reporting that healthcare breaches comprised 23 per cent of all breaches last year up from 18 per cent the year beforeppThis included the breach of Change Healthcare which was last year hit by ransomware that crippled the US healthcare system for weeks with recent revelations that the incident caused by a lack of multifactor authentication MFA affected 190 million peopleppWe are moving into a new era in which our expectations of entities are higher Australian Privacy Commissioner Karly Kind wrote as Office of the Australian Information Commissioner OAIC statistics confirmed that healthcare firms account for 1 in 5 Australian data breachesppHealth service providers reported 102 breaches during the first half of 2024 the OAIC said nearly twice as many as were reported by Australian government bodies and as many as were reported by financial services bodies and education providers combinedppRecent enforcement action against firms like Australian Clinical Labs which was sued in 2023 after the OAIC alleged it had failed to take reasonable steps to protect clients personal information from unauthorised access or disclosure reflected growing impatience with poor securityppWith 189 data breaches involving healthcare data during the first half of 2024 Kind said that such action should send a strong message that keeping personal information secure and meeting the requirements of the NDB scheme must be prioritiesppDavid Braue is an awardwinning technology journalist who has covered Australias technology industry since 1995 A lifelong technophile he has written and edited content for a broad range of audiences across myriad consumer and business topics with a particular focus on managing the intersection of technological innovation and business transformation He has twice won Best IT Journalist at the Australian IT Journalism awards and was named Best Technology Journalist at the 2024 Australian Technologies Competitionp
