Genea: Investigation and warning as hackers may have stolen IVF patients' personal data

IVF patients’ personal information may have been stolen in a cyber security breach, with victims warned to be on alert for possible identity theft or fraud.

An investigation following the February 14 cyber attack on major IVF provider Genea has found patient management systems were accessed by an unauthorised third party

The systems contain a raft of personal information, including full names, emails, addresses, phone numbers, Medicare card numbers, private health insurance details, medical history, diagnoses, treatments, medications and prescriptions.

“We stress that at this point in time it is unknown what personal information within the folders on the patient management system has been compromised,” the company told patients.

There was no evidence, for now, that hackers stole financial information such as credit card details or bank account numbers.

The Office of the Australian Information Commissioner and the Australian Cyber Security Centre have been notified of the cyber breach.

Genea was founded in 1986 by Professor Robert Jansen under the name Sydney IVF and has locations in NSW, Victoria, Queensland, South Australia, Western Australia and the ACT.

The company has offered to foot the bill for worried patients who want to use specialist service, IDCARE, to protect their personal information.

“We deeply regret that your personal information may have been accessed by reason of this incident and sincerely apologise for any concern this incident may have caused,” the company said.

“Our teams of specialists, nurses and office support staff are working tirelessly to ensure that there is minimal disruption to your treatment, which is of our utmost priority and importance.”

Patients were also encouraged to be careful opening any suspicious emails, texts or phone calls and advised to vigilant to any other attempts of possible identity theft or fraud using their personal information.