🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇦🇺 AU › Healthcare

Genea Fertility

🇦🇺 Sydney, NSW · Genea · Record AU-2025-0055
○ Reported — awaiting official confirmation
Reported — awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
Not disclosed
Breach date
2025-02
Regulator
OAIC (notified)
Trust tier
B · Reported

Data exposed

Sensitive patient and fertility/medical records (published on the dark web) Media-reported

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

In February 2025 Genea, one of Australia’s largest IVF providers, was hit by a ransomware attack; sensitive patient and fertility/medical records were subsequently published on the dark web [techcrunch-genea] [acs-genea]. A class action was filed and the OAIC was notified. The number of patients affected was not officially quantified and is not estimated here.

Timeline

  • 2025-02 — Genea attacked; patient data later published on the dark web [techcrunch-genea].

Current status

Under investigation, with class-action litigation reported. Figures are as reported. [acs-genea]

Why it matters

Among the most sensitive health data imaginable — fertility records — leaked publicly. A stark case in the health sector’s exposure to data-theft extortion.

GGOVERN Tabletop Exercises · Govern house When ransomware hits the ward, will your team know the call? Book a Discovery Call →