Private patient information which was stolen in a cyber attack targeting a major health provider has been uploaded online.
Last week it was revealed Pinnacle Health, a major GP network, was the victim of a cyber attack when hackers managed to infiltrate its IT system and gain access to the personal data of hundreds of thousands of patients.
At the time Pinnacle Health said people's private health notes were not at risk of exposure.
But in a statement on Monday, the company confirmed information stolen in the attack had been uploaded to the internet by "malicious actors".
The information and data relates to past and present patients and customers of Pinnacle Health in the Waikato, Lakes, Taranaki and Tairawhiti districts. It also includes Primary Health Care Ltd (PHCL) practices from across Taranaki, Rotorua, Taupō-Tūrangi, Thames-Coromandel and Waikato.
Pinnacle Incorporated CEO Justin Butcher confirmed much of the information had been made public.
"Over the weekend, we were notified by our security experts that the data taken from our IT platform had been released by malicious actors," Butcher said.
"We acknowledge this will be concerning to our patients and their whānau, and we are taking this seriously. Our immediate focus is on supporting people who may have been impacted and working with the authorities to ensure we are doing everything we need to be.
"Due to the scale of the data that has been released, we are providing a general update now, and intend to provide further public notifications over the coming days."
Butcher also revealed the stolen data included information about the immunisation and screening status of individual patients.
"While Pinnacle does not hold GP notes and consultation records, we now have a much clearer understanding of the breadth of stolen data. This includes high level data related to the use of hospital services, claiming information related to services that Pinnacle provides, and information sent to practices around immunisation and screening status of individual patients.
"This is extremely unfortunate, and we are gutted as this impacts our whānau also. Cyber incidents like this are a constant threat, and while they are the doing of malicious actors, we feel for everyone who may have been affected.
"We are in contact with the police and Office of the Privacy Commissioner".
Butcher also revealed a freephone support line is available from Monday to Friday for people wanting further information.
"All affected practices are still providing services, and people can continue to seek care as normal. However, as notified previously, patients may experience some delays when contacting practices. So, if you are needing care, please call your doctor, or medical centre as you normally would," Butcher said.
Last week a patient of Pinnacle Health told Newshub she was worried that her personal health details had been leaked.
"It's my personal information, that's what's going to come from that. Who's got these details now? It's not just mine, it's my daughter's. My mum is also in the same situation," she said.
Another patient Newshub spoke to received an urgent notice from her medical centre the day after the attack saying their computer systems were completely down.
