Factual. Independent. Impartial.
Support AAP with a free or paid subscription
Health
Farid Farid

Patient details exposed in medical centres cyberattack

More than 20 of Partnered Health's clinics have been affected by a data breach on June 23. (Dan Himbrechts/AAP PHOTOS)

Thousands of medical records and patient information stored with a giant healthcare provider have been breached in a cyberattack.

Partnered Health, owned by private equity firm Quadrant, said 21 clinics across several cities including Sydney, Melbourne and Canberra have been affected by the breach on June 23.

"Our investigations to date have confirmed that personal information (including health information) was taken from some of the clinics in our network," the healthcare provider said on Wednesday.

"As a health services provider, we know our patients and our people trust us with personal and medical information and we sincerely apologise for any concern and inconvenience this may cause them."

A man using a laptop, Sydney
Personal information in the Partnered Health breach includes names, addresses and Medicare details. (April Fonti/AAP PHOTOS)

The healthcare group said "a malicious actor" accessed the data, prompting it to report the incident to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and law enforcement.

Personal information stolen included names, dates of birth, addresses and contact details as well as Medicare, private health insurance and concession card details.

Medical information and treatment details, including consultation notes, referral letters, and pathology or diagnostic results recorded by a GP were also breached.

The medical group has sought an interim injunction from the Supreme Court of NSW ordering the accessed data is not used or published.

An email from Qantas detailing a data breach in 2025
Recent data breaches include a cyberattack on Qantas, with data reportedly leaked on the dark web. (Paul Braven/AAP PHOTOS)

Established in 2013, Partnered Health has more than 60 medical centres nationwide as well as skin cancer, allied health and mental health clinics, with its services reaching more than five million people.

Health insurer Bupa announced in June it was acquiring Partnered Health, the latest major business to be struck by hackers. 

Data breach notifications to the Office of the Australian Information Commissioner reached a record high in 2025, with major incidents including a cyberattack on Qantas that compromised the details of 5.7 million customers and reportedly leaked on the dark web.

The office said it received 1205 data breach notifications in the 2025 calendar year, representing an eight per cent increase from 2024.

License this article

Sign up to read this article for free
Choose between a free or paid subscription to AAP News
Start reading
Already a member? Sign in here
Top stories on AAP right now