Patient details have been compromised in a cyber attack targeting a network of GP services across the North Island.
Pinnacle Midlands Health Network said last Wednesday's "cyber incident" affected some IT services at offices and practices in Taranaki, Rotorua, Taupō-Tūrangi, Thames-Coromandel and Waikato.
Speaking from Hamilton, Pinnacle Incorporated CEO Justin Butcher said
Pinnacle covers its 86 regional practices.
Butcher said malicious practice had breached their system, and the attack could have an impact on their commercial and patient records.
"We cannot confirm what data has been affected, this will take time. We will support those people who have been impacted.
"Patients may expect delays at our practices, patient notes are not at risk, as we only hold their NHI number, addresses and names.
"Unfortunately malicious cyber activity is a constant threat and NZ is not exempt from it.
"The Privacy Commissioner has been informed and we are setting up a 0800 number for people to contact.
"We encourage people to be vigilant when online. As we are at an early stage of response and can't comment further."
Investigations are still under way but he believes the attackers accessed information that could include commercial and personal details.
- 'Red flags': Pensioner loses fortune, suffers heart attack after bank accounts hacked
- Kiwi kids targeted in global sextortion; X-rated photos posted of blackmailed teen
"This will take time, however, we believe it is important to disclose this incident now, so we can support those people who have potentially been impacted," he said.
"Our systems flagged the incident with us, and we were able to move swiftly to take the affected IT offline. We engaged external support partners and launched an in-depth investigation alongside relevant authorities.
"The affected IT was immediately taken offline and contained."
Butcher said they have laid complaints to police, Te Whatu Ora and other government agencies.
Pinnacle holds personal information such as names, addresses and national health index numbers.
Butcher said GP notes were not stored on their files.
He said the Office of the Privacy Commissioner has also been notified.
Practices that were affected are operating as normal with some delays.
"So, if you are needing care, please call your doctor or medical centre as you normally would," said Butcher.
Those wanting more information could call a freephone support line and details would also be shared as they became avalable to www.pinnacle.co.nz
"We know that people will rightfully be very concerned about this, and we want to ensure the public that Pinnacle takes our role as stewards of people's information seriously, and security is of utmost importance to us. Unfortunately, malicious cyber activity is a constant threat and New Zealand is not exempt from this," said Butcher.
Take your Radio, Podcasts and Music with you