What happened
In February 2025 Genea, one of Australia’s largest IVF providers, was hit by a ransomware attack; sensitive patient and fertility/medical records were subsequently published on the dark web [techcrunch-genea] [acs-genea]. A class action was filed and the OAIC was notified. The number of patients affected was not officially quantified and is not estimated here.
Timeline
- 2025-02 — Genea attacked; patient data later published on the dark web [techcrunch-genea].
Current status
Under investigation, with class-action litigation reported. Figures are as reported. [acs-genea]
Why it matters
Among the most sensitive health data imaginable — fertility records — leaked publicly. A stark case in the health sector’s exposure to data-theft extortion.