https://www.smh.com.au/national/nsw/patient-details-exposed-in-cyberattack-on-australian-healthcare-provider-20260715-p60fna.html

Australian healthcare provider Partnered Health has been hit by a serious cyberattack that has resulted in the theft of sensitive patient information from 21 clinics across its national network. The breach, which the company became aware of more than three weeks before notifying affected patients on Wednesday, has compromised a wide range of highly personal data including diagnostic and pathology results, consultation notes, referral letters, home addresses, private health insurance details, and Medicare information. Clinics impacted by the breach span multiple states and territories, including New South Wales, Victoria, Queensland, Western Australia, and the ACT, with the full extent of data extracted from five additional clinics (three in WA and two in Victoria) still under investigation.

Partnered Health, which was established in 2013 and operates 60 clinics across Australia, stated that while there is no direct evidence patient records have been viewed, it notified affected patients as a precautionary measure. The company has since reported the incident to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and law enforcement authorities. In an effort to contain further damage, Partnered Health has also obtained an interim injunction order through the NSW Supreme Court to prevent the accessed data from being published or used. The federal government confirmed it was aware of the incident, with a Home Affairs spokesperson advising that relevant agencies are engaged.

The attack raises serious concerns about the vulnerability of healthcare data in Australia, given the highly sensitive nature of the information involved. The three-week delay between the company becoming aware of the breach and notifying patients is likely to draw scrutiny from regulators and privacy advocates alike. The total number of patients affected remains unclear, as does the identity of the threat actor responsible. Partnered Health has apologised to affected patients and advised them to take precautionary steps to protect their personal information while the investigation continues.

Discover more from Edwin Kwan

Subscribe now to keep reading and get access to the full archive.

Continue reading