Cyber Incident Victim: Reproductive Biology Associates

Reproductive Biology Associates (RBA), a Georgia-based fertility clinic providing services including egg donor recruitment and storage through its affiliate MyEggBank, experienced a ransomware attack that compromised sensitive patient data. The clinic first detected the incident on April 16, 2021, when attackers encrypted a file server containing embryology data, rendering it inaccessible. Forensic analysis indicated initial unauthorized system access occurred earlier on April 7, with threat actors breaching a server holding protected health information by April 10. This timeline aligns with typical ransomware attack patterns where adversaries establish network footholds before executing encryption and data exfiltration.

RBA confirmed on June 7, 2021, that attackers stole personal information affecting approximately 38,000 patients during the intrusion. Compromised data included full names, addresses, Social Security numbers, laboratory results, and sensitive details regarding human tissue handling. The clinic engaged an IT services firm to investigate the attack methodology, assess data exposure, and implement network security enhancements. While RBA did not explicitly acknowledge paying ransom, their breach notification stated they regained access to encrypted files and received assurancess from the threat actor that stolen data was deleted. Affected individuals were offered complimentary identity theft monitoring services and advised to review credit reports for fraudulent activity. The incident exposed patients to potential secondary threats including targeted phishing schemes leveraging fertility treatment details and financial fraud risks stemming from exposed Social Security numbers.