The overseas actors claiming responsibility reportedly shared screenshots of the information taken from Genea on dark net sites today.
Genea confirmed it had seen “threat actors” had published data online from its systems.
The ransomware group said it has 700GB of data from Genea’s servers from patients over the past six years, according to reports.
The IVF giant said it had obtained a court-ordered injunction to prohibit any access, use or publication of the stolen data.
It also could not confirm what patient information has already been shared on the dark web.
“We understand that this development may be concerning for our patients for which we unreservedly apologise,” Genea said in a statement.
“We are continuing to engage with the Office of the Australian Information Commissioner and the Australian Cyber Security Centre in relation to this incident.”
Genea sent an email to patients following the February 14 breach and said information from patient management systems had been accessed.
The information includes full names, addresses, emails, Medicare numbers, medical history, medication and prescriptions, test results, notes from doctors, appointment schedules and emergency contact details.
“As a result of our ongoing investigation, we now believe the attacker may have accessed and taken personal information which we hold,” Genea said in the email.
“At this stage there is no evidence that any financial information such as credit card details or bank account numbers have been impacted by this incident.
“The investigation is however ongoing, and we will keep you updated of any relevant further findings should they come to light.”
Genea is one of Australia’s three largest IVF providers, with thousands of patients at clinics nationwide.