Termite ransomware group claims massive data theft from Genea's systems
The infamous Termite ransomware group said it hacked into the internal network of Australian IVF provider Genea and stole hundreds of gigabytes of confidential data.
Earlier this month, Australian IVF giant Genea said in a data security incident notice published on its website that threat actors infiltrated its internal network and accessed its patient management systems that stored the sensitive personal and health data of patients.
The company said it has obtained a court-ordered injunction to prevent the leaked data from being shared by others. According to the court order, the threat actor infiltrated Genea’s network on January 31 via a Citrix server. It then gained access to the primary file server, domain controller, backup program, and BabySentry primary patient management system.
Genea added that on February 14, the threat actors exfiltrated 940.7 gigabytes of data from its compromised systems to a DigitalOcean cloud server under their control.
The compromised data included full names, emails, addresses, phone numbers, medicare card numbers, private health insurance details, defence DA numbers, medical record numbers, patient numbers, dates of birth, medical history, diagnoses and treatments, medications and prescriptions, patient health questionnaire, pathology and diagnostic test results, notes from doctors, appointment details, emergency contacts and next of kin.
While the company did not share details on who is responsible for the cyber attack, the Termite ransomware group has claimed responsibility for the attack and listed the IVF giant as a victim on its data leak site.
🚨Cyberattack Alert ‼️
— HackManac (@H4ckManac) February 26, 2025
🇦🇺Australia - Genea
Termite hacking group claims responsibility for the cyberattack on Genea. According to the post, 700 GB of confidential and personal client data were exfiltrated.
Genea, one of Australia's largest IVF providers, recently disclosed… pic.twitter.com/HIpRrXC5L8
The group claims to be in possession of 700 GB of confidential and personal client data and has shared samples of the stolen data to prove the authenticity of its claim.
Acknowledging the ransomware group’s claim, a Genea spokesperson said, “Our ongoing investigation has established that on the 26th of February, data taken from our systems appears to have been published externally by the threat actor. We understand that this development may be concerning for our patients for which we unreservedly apologise.”
Related Articles
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
The Expert View: Transforming security through risk intelligenceSponsored by Obrela
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543