In brief
- Healthcare provider Partnered Health said it had been breached in a recent cyber attack.
- The company said a large amount of personal information was stolen by a "malicious actor".
Thousands of medical records and patient information stored with a giant healthcare provider have been breached in a cyber attack.
Partnered Health, owned by private equity firm Quadrant, said 21 clinics across several cities including Sydney, Melbourne and Canberra have been affected by the breach on 23 June.
"Our investigations to date have confirmed that personal information (including health information) was taken from some of the clinics in our network," the healthcare provider said on Wednesday.
"As a health services provider, we know our patients and our people trust us with personal and medical information, and we sincerely apologise for any concern and inconvenience this may cause them."
The healthcare group said "a malicious actor" accessed the data, prompting it to report the incident to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and law enforcement.
News that makes sense
Your trusted source for staying up-to-date with the world around you. Get free daily news updates and analysis, straight to your inbox.
Personal information stolen included names, dates of birth, addresses and contact details as well as Medicare, private health insurance and concession card details.
Medical information and treatment details, including consultation notes, referral letters, and pathology or diagnostic results recorded by a GP were also breached.
The medical group has sought an interim injunction from the Supreme Court of NSW ordering that the accessed data is not used or published.
Established in 2013, Partnered Health has more than 60 medical centres nationwide as well as skin cancer, allied health and mental health clinics, with its services reaching more than five million people.
Health insurer Bupa announced in June it was acquiring Partnered Health, the latest major business to be struck by hackers.
Data breach notifications to the Office of the Australian Information Commissioner reached a record high in 2025, with major incidents including a cyberattack on Qantas that compromised the details of 5.7 million customers and reportedly leaked on the dark web.
The office said it received 1205 data breach notifications in the 2025 calendar year, representing an eight per cent increase from 2024.
For the latest from SBS News, download our app and subscribe to our newsletter.

