Genea Fertility IVF Breach 2025: What You Need to Know

Approximately 940,000 patient records from Australian IVF provider Genea were exposed after the Termite ransomware group published stolen data online. Fertility care is among the most personal data a person holds, and a breach of this nature can feel deeply intrusive. Here is what happened, what was leaked, and the practical steps you can take to protect yourself.

Breach date: 14 February 2025
Records affected: ~940,000
Risk level: High

What Happened

How the Genea Breach Unfolded

Early February 2025

An affiliate of the Termite ransomware group gained initial access to Genea's network and exfiltrated highly sensitive patient data in the weeks before being detected.

14 February 2025

Genea detected unusual activity on its network and engaged external cybersecurity specialists. The clinic began containment work and notified relevant authorities, including the Office of the Australian Information Commissioner (OAIC).

Mid to late February 2025

After Genea declined to pay the ransom, the Termite group published approximately 940,000 stolen patient records on its dark-web leak site. The data included names, contact details, Medicare numbers, and sensitive medical information.

26 February 2025

TechCrunch published an investigation confirming the scale and sensitivity of the leaked dataset, including clinical notes and pathology results.

Affected patients began receiving individual notification from Genea, with details of the specific records exposed for them and information about available support.

March 2025 onwards

Genea continued individual notifications to affected patients and established support resources. The OAIC commenced its investigation under the Notifiable Data Breaches scheme.

Sources: TechCrunch (26 Feb 2025), OAIC Notifiable Data Breaches

What Was Exposed

Personal Data Leaked in the Breach

The breach affected approximately 940,000 Genea patient records. The exposed data is unusually sensitive: alongside the standard identity details (name, date of birth, address, contact details and Medicare information), the dataset includes medical history, pathology results, clinical notes, and details of fertility treatment cycles for a subset of patients.

| Data Type | Risk Level | Who Was Affected |
|---|---|---|
| Full name | High | All approximately 940,000 affected patients |
| Date of birth | High | All approximately 940,000 affected patients |
| Home address | High | All approximately 940,000 affected patients |
| Phone number | High | All approximately 940,000 affected patients |
| Email address | High | All approximately 940,000 affected patients |
| Medicare number | High | Subset of affected patients |
| Health insurance details | High | Subset of affected patients |
| Medical history and pathology results | High | Subset of affected patients (including fertility treatment details, hormone results, and clinical investigations) |
| Clinical notes | High | Subset of affected patients (correspondence between treating clinicians) |
| Financial records | Medium | Subset of affected patients (billing records for treatment cycles) |

Risk levels are based on the OAIC's "What is personal information?" guidance and the OAIC Australian Privacy Principles. Medical and fertility treatment data is rated at the highest level because it cannot be reissued or revoked, and exposure can have ongoing personal and psychological impact in addition to identity-fraud risk.

Confirmed NOT Exposed

Genea has stated that genetic testing data and embryo identification details were held on separate, isolated systems and were not part of the affected dataset. Account passwords were also not in the exposed data, though patients are encouraged to update passwords on any Genea or related health-provider account as a precaution.

Company Response

What Genea Did

“We deeply regret the distress this incident has caused our patients and their families. The privacy of the people who trust us with their care is our highest priority, and we are committed to supporting every affected patient.”
Genea, public statement (February 2025)

Actions Taken by Genea

  • Immediately isolated affected systems and engaged external cybersecurity specialists
  • Notified the Office of the Australian Information Commissioner (OAIC) and other relevant authorities
  • Declined to pay the ransom, in line with Australian Government guidance
  • Confirmed that genetic testing data and embryo identification details were held on separate, isolated systems and were not exposed
  • Began individual notification of affected patients with details of the specific records exposed
  • Established a dedicated patient support line and worked with IDCare to provide identity-protection and emotional support

What Now?

Steps You Can Take After the Genea Breach

This breach is particularly sensitive because it includes medical history, pathology results, and clinical notes alongside the standard name, date of birth, address, Medicare number, and contact details. Health data cannot be reissued like a password or credit card, so the focus is on practical identity-protection steps and remaining alert for highly targeted scams. Below are best-practice steps, organised by the types of accounts and protections most relevant.

Genea and Health Provider Accounts

Your IVF clinic, GP, and specialist portals may share the same email and password.

Secure your Genea patient account

~5 min
It is considered best practice to update the password on any Genea patient portal, and to enable MFA where it is available. Although Genea has stated that account passwords were not in the exposed dataset, changing the password removes any residual risk and is a sensible precaution after any health-data breach.

Review other health provider accounts

Where the same email address or password has been used across other health provider portals (GP, specialists, pathology services, other fertility clinics), consider updating credentials on those accounts. Credential reuse remains one of the most common ways a single breach leads to broader exposure across the health-care ecosystem.

Email and Digital Identity

Your email is the key to your digital identity. Securing it is a sensible first step.

Strengthen email security

~5 min
Updating the password and enabling MFA on the email account associated with the breach is widely recommended. It is also worth checking email forwarding rules and connected app permissions, as these can be exploited to silently intercept communications, including future notifications from health providers.

Understand your full account exposure

Most people have dozens of online accounts linked to a single email address. When that email is exposed in a breach, understanding which services are connected is a critical first step in assessing personal risk. Tools that map your digital footprint can help identify accounts that may need attention.

Identity and Medicare Protection

Name, date of birth, address, and Medicare details are commonly used in identity verification.

Consider a credit ban

~20 min
With name, date of birth, and address all in the exposed dataset, the combination could potentially be used in fraudulent credit applications. Placing a free credit ban with the Australian credit bureaus prevents new credit from being opened in your name without additional verification.

Contact Services Australia about Medicare number misuse

~15 min
If a Medicare number was included in the breach, it is worth contacting Services Australia to discuss protections. Exposed Medicare numbers can be used in fraudulent claims and as part of a broader identity-takeover attempt. A replacement Medicare card with a new number may be available in some circumstances.
Services Australia: Medicare

Treat any ID-verification calls or messages with suspicion

With this much identity information in circulation, scammers can be persuasive. Treat any unsolicited call, SMS, or email that asks you to confirm identity details, click a link, or transfer funds with caution, even if the caller knows specific personal details about you. Hang up and call the organisation back on a number you have independently verified.

Monitoring and Emotional Support

Australian resources for breach response, identity protection, and the psychological impact of a sensitive breach.

Stay alert for highly targeted phishing

Exposed medical history, clinical notes, and Medicare numbers can be used to craft convincing phishing or extortion messages that reference specific treatments, providers, or appointments. Treat any unsolicited contact referencing your fertility care or Genea account details with caution, and verify directly through official channels.

Contact IDCare for tailored support

IDCare (1800 595 160) is Australia's national identity and cyber support service. They provide free, confidential guidance and are experienced in supporting people affected by sensitive-data breaches, including the emotional impact that can come with seeing private medical information exposed. There is no expectation that you handle this alone, and reaching out is a practical step rather than an overreaction.

Report scams to Scamwatch

Reporting any related scam attempts to Scamwatch contributes to broader awareness and helps authorities track emerging threats targeting Genea patients.

Acknowledge the personal impact

Fertility care is intimate and often comes after a long, difficult journey. Seeing that information exposed can bring up real distress, and that response is valid. If you find the breach is weighing on you, your GP, Lifeline (13 11 14), or Beyond Blue (1300 22 4636) can provide support. IDCare counsellors are also experienced in helping people work through the emotional side of sensitive-data exposure.

Are You Still at Risk?

The Hidden Danger: Compound Breach Exposure

The Genea breach did not happen in isolation. If your data also appeared in other major Australian breaches, the combination of leaked information can build a more complete identity and health profile.

How breach data compounds

On its own, the Genea breach exposed names, dates of birth, addresses, Medicare numbers, and sensitive medical history. But if your email also appeared in the Medibank, Australian Clinical Labs, MediSecure, or Optus breaches, the combined dataset may also include health claims, pathology results, prescriptions, passport details, and driver licence numbers. This kind of compound exposure significantly increases the risk of identity fraud and highly targeted scams.

  • Medibank (2022): 9.7M records - health claims, Medicare details
  • Australian Clinical Labs (2022): 223K records - pathology results, Medicare numbers
  • MediSecure (2025): 12.9M records - prescription and health data
  • Optus (2022): 9.8M records - passport, licence, Medicare numbers

If your email appears in two or more of these breaches, your risk level is significantly elevated. In The Event Of can overlay your breach data to show exactly where your exposure compounds, and help you prioritise what to address first.

Other Major Australian Data Breaches

Data from multiple breaches can be combined to increase identity fraud risk. Review these guides to understand your full exposure.

Disclaimer: This guide is provided for general informational purposes only and does not constitute legal, financial, medical, or professional advice. The information is based on publicly available sources at the time of writing and may not reflect the most current developments. In The Event Of Pty Ltd (ABN 38 687 352 647) is not affiliated with Genea Limited. If you believe you have been affected by this data breach, we recommend contacting the relevant authorities and seeking professional guidance specific to your circumstances.