Why communication is as critical as cybersecurity: Genea breach
In February 2025, Genea, a major Australian IVF clinic, was targeted in a cyberattack that unfolded over several weeks, exposing nearly 1TB of sensitive data, including medical records, contact details, IDs, and test results. [1]
Patients and experts have criticised the clinic for its lack of timely and transparent communication, with one commenting, "They didn't say anything about the data breach, just said they couldn't go ahead with the cycle tracking this month." [2]
Genea became aware of unauthorised access on 31st January, but patients were not informed until 19th February—almost three weeks later. It was a further five days before the full list of stolen data was released, but by 26th February, it was already on the dark web. [1]
The delay in notifying patients from when the breach was initially detected was due to the clinic’s focus on securing its network and assessing the scope of the attack. While this is important, it should have been prioritised alongside communication efforts, which would have lessened the reputational damage that ensued.
Reputational damage
Data on the consequences of disruptions over the past twelve months placed reputational damage in the top five with just over a third of organizations sharing that they’d suffered this effect following an incident [3].
Reputation is intangible, and damage is therefore hard to quantify, but tell-tale signs include drops in shares, staff retention issues, and investigations. For example, the UK's Partygate scandal, where government staff held gatherings during the COVID-19 lockdown led to a public inquiry, called the government's capabilities into question [4].
Certain sectors are more vulnerable than others due to the sensitive data and nature of the work involved (health, finance, government, etc.), but the risk is real for all, which is why being prepared is essential, especially when considering findings from the BCI Emergency Crisis Communications Report 2025 [5], which reveals a sharp rise in activation of crisis communication plans due to data breaches (43%) compared to 35.6% over the previous year—an increase of 7.4 percentage points.
Prepare and protect
A business continuity practitioner located in the Middle East [5]. highlighted the importance of resilience: “Resilience is not a one-time effort; it’s an ongoing process. Organizations that prioritise training, technology, and structured response frameworks will always be better prepared for the unexpected.”
Unfortunately, there is no way to predict disruptions like cyberattacks, but preparing in advance can make all the difference, especially where reputation is concerned.
Findings from the BCI Emergency Crisis Communications Report 2025 [5], reveal that many organizations are still reliant on outdated or insufficient crisis communication methods despite advancements in tools and systems.
Research reveals a significant difference in the response capabilities of organizations using technology. 28.1% of surveyed organizations can activate their emergency communications plans within 5 minutes leveraging technology, as opposed to 11.5% without.
However human-driven issues such as inaccurate contact information, lack of engagement and poor internal coordination lead to response gaps and constitute barriers to effective crisis management.
These leading causes of failure in emergency communications highlight the importance of ongoing training and preparation alongside technological upgrades to maintain credibility with customers and stakeholders.
The BCI Emergency Crisis Communications Report 2025 [5] serves as a strategic tool for futureproofing your organization against reputational damage. Use it to prepare your crisis communications plans before crisis strikes.
[1] Breathtaking Genea cyberattack reveals stunning Australian problem
[2] Genea cyber incident: IVF clinic investigates potential data breach
[3] BCI Horizon Scan Report 2024
[4] Weight loss jabs linked to reduced risk of heart problems
[5] BCI Emergency & Crisis Communications Report 2025
More on
About the author
Naz Karimi-Clarke
Content Manager, The BCI
