Partnered Health confirms cyber incident affecting patient information across national clinic network

0

Partnered Health has confirmed that a cyber security incident resulted in unauthorised access to data held by some clinics across its national healthcare network, with patient personal and health information potentially compromised.

According to the healthcare provider’s official statement, the organisation became aware on 23 June 2026 that “a malicious actor accessed some of our data.” Partnered Health said it activated its cyber incident response, engaged specialist cyber security experts and commenced a forensic investigation to determine the nature and extent of the incident.

The organisation has since confirmed that its investigations established that personal information, including health information, was taken from some clinics within its network.

Partnered Health said the types of information involved may include patient names, dates of birth, residential addresses, telephone numbers, email addresses, Medicare numbers, concession card details, private health insurance information and, for some patients, clinical information such as consultation notes, referral letters, pathology reports and diagnostic results.

While Partnered Health said there is currently no evidence that all potentially affected records have been viewed, it said it is notifying patients from impacted clinics as a precaution and providing advice on steps they can take to help protect their personal information.

The provider confirmed that 16 clinics have been identified as impacted, while investigations continue into several additional clinics to determine whether patient information was also affected.

Partnered Health said it has notified the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and relevant law enforcement agencies. External cyber security specialists continue to support the forensic investigation and remediation activities.

As part of its response, the organisation has also obtained an interim injunction from the Supreme Court of New South Wales ordering that any accessed data must not be used, published or disseminated.

Partnered Health said it is working with Services Australia regarding Medicare information that may have been involved and is encouraging affected patients to remain vigilant against phishing emails, fraudulent text messages and telephone calls that may reference legitimate personal or medical information in an attempt to obtain further personal or financial details.

Patients are also being advised to monitor their Medicare and private health insurance accounts, be alert to unusual activity and carefully review any communications claiming to be from healthcare providers or government agencies.

The incident highlights ongoing cyber security challenges in Australia’s healthcare sector, where sensitive medical information remains a target for cyber criminals. Health records typically contain extensive personal identifiers and clinical histories, which can be used for identity fraud, social engineering and other cyber-enabled crime.

Partnered Health has apologised to patients and staff for the incident and acknowledged the trust placed in healthcare providers to protect sensitive personal information.

The organisation said its investigation remains ongoing and that it will continue communicating directly with affected individuals as further information becomes available. Patients seeking additional information or support are being directed to the cyber incident pages on the Partnered Health website.

Official Partnered Health references:

Recent Cyber Incident: https://partneredhealth.com.au/partnered-health-recent-cyber-incident/

Patient Support Information: https://partneredhealth.com.au/support/

Share.