Friday, July 17, 2026
ASX 200: 8,412 +0.43% | AUD/USD: 0.638 | RBA: 4.10% | BTC: $87.2K
← Back to home
Cybersecurity

Partnered Health cyberattack hits 21 GP clinics

Partnered Health became aware on 23 June 2026 that a malicious actor had accessed some of its data, triggering an immediate response that included engaging specialist cyber experts to contain the incident and assess its full scope. The company publicly confirmed the attack on 15 July 2026.

6 min read
A suburban medical clinic at night with a glowing red cross sign and its security shutter pulled down
Partnered Health says data from up to 21 of its clinics may have been accessed.
Editor
Jul 16, 2026 · 6 min read
Caleb Reed
By Caleb Reed · 2026-07-16

TLDR

Partnered Health confirmed on 15 July 2026 that a malicious actor accessed patient data across 21 of its GP clinics in NSW, Victoria, Queensland, WA and the ACT after the attack was discovered on 23 June 2026. Exposed records may include Medicare numbers, DVA and concession card details, consultation notes, referral letters and pathology results. Partnered Health reported the breach to the ACSC, the OAIC and law enforcement, and secured a Supreme Court injunction barring use or publication of the stolen data. The incident adds to a mounting pattern of cyberattacks on Australian healthcare providers, where sensitive patient data remains a high-value target.

KEY TAKEAWAYS

01Partnered Health discovered the cyberattack on 23 June 2026 and immediately engaged specialist cyber experts to contain it.
0221 clinics across NSW, Victoria, Queensland, WA and the ACT were confirmed affected from a network of more than 60 GP practices.
03Stolen records potentially include Medicare numbers, DVA card details, consultation notes, referral letters and diagnostic results.
04Partnered Health reported the breach to the Australian Cyber Security Centre, the OAIC and law enforcement agencies.
05The Supreme Court of New South Wales granted Partnered Health an interim injunction ordering the accessed data not be used or published.

The breach: what happened and when

Partnered Health became aware on 23 June 2026 that a malicious actor had accessed some of its dataverifiedVerified Source: partneredhealth.com.au, triggering an immediate response that included engaging specialist cyber experts to contain the incident and assess its full scope.[1] The company publicly confirmed the attack on 15 July 2026.

Partnered Health said in an official statement: "On 23 June 2026, Partnered Health became aware that a malicious actor accessed some of our data."[1] Investigations were launched in parallel with containment work and remain ongoing.

Which clinics and patients are affected

The breach affected 21 clinics across New South Wales, Victoria, Queensland, Western Australia and the Australian Capital TerritoryverifiedVerified Source: partneredhealth.com.au, out of a network of more than 60 GP practices operated by Partnered Health.[1] Partnered Health said it is communicating directly with patients from the affected clinics.

Partnered Health said: "Our investigations to date have confirmed that personal information (including health information) was taken from some of the clinics in our network. We are continuing to investigate the extent to which personal information has been impacted by this incident and are communicating with patients from impacted clinics."[1] Patients who have not been contacted but believe they may be affected are encouraged to check the company's dedicated incident page.

What data was exposed

Partnered Health confirmed that affected data may include names, dates of birth, addresses and contact details; Medicare numbers; private health insurance details; Veteran Card (DVA) or concession card numbers; and medical information such as consultation notes, referral letters, and pathology or diagnostic results.[1] The combination of government identifier numbers and detailed clinical records raises the risk of identity fraud and targeted phishing well beyond what a standard financial data breach would present.

Australia's Notifiable Data Breaches scheme recorded 1,205 notifications in 2025, with malicious cyber incidents accounting for 63 per cent of all eligible breaches. Healthcare providers consistently rank among the most targeted sectors because of the value of patient records.

Regulators, law enforcement and the court injunction

Partnered Health reported the incident to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and law enforcement.[1] Notification to the OAIC satisfies the company's obligations under the Notifiable Data Breaches scheme established by the Privacy Act 1988, which requires health service providers to notify both affected individuals and the regulator as soon as practicable after a qualifying breach.

Partnered Health obtained an interim injunction from the Supreme Court of New South Wales ordering that the accessed data is not used or publishedverifiedVerified Source: partneredhealth.com.au.[1] The injunction is a civil remedy intended to limit downstream harm if the stolen records were circulated or sold, though enforcement against anonymous offshore threat actors remains a practical limitation of any such order.

How affected patients can check their status

Partnered Health said it is directly contacting patients from the 21 impacted clinics.[1] Patients who attended any of these clinics and want to confirm whether their records were accessed should visit the company's official incident page at partneredhealth.com.au and use any dedicated contact mechanism the company has established there.

Security practitioners routinely advise patients caught in health data breaches to place alerts on their credit files with the major credit reporting bureaux, watch for unusual Medicare or DVA activity, be alert to unsolicited contact from people citing personal medical details, and enable multi-factor authentication on any health portal accounts. Anyone who suspects their Medicare number is being misused can report it to Services Australia.

Australia's mounting healthcare breach record

The Partnered Health incident follows a series of high-profile attacks on Australian health organisations. The 2022 Medibank breach exposed records belonging to 9.7 million policyholders, and the ManageMyHealth breach disclosed on 30 December 2025 struck multiple general practice networks, highlighting that GP clinic data systems carry systemic vulnerabilities that threat actors are actively targeting.

The Partnered Health network spans more than 60 practices nationally, making the confirmed 21-clinic figure a significant subset of its operations. Partnered Health said its investigation into the full extent of the data exposure was still continuing as of 15 July 2026.[1]

FREQUENTLY ASKED QUESTIONS

When did the Partnered Health cyberattack occur?
Partnered Health became aware that a malicious actor had accessed its data on 23 June 2026. The company publicly confirmed the breach and disclosed details of affected clinics on 15 July 2026.
Which states are the affected clinics in?
The 21 affected clinics span New South Wales, Victoria, Queensland, Western Australia and the Australian Capital Territory.
What patient information was exposed in the breach?
Potentially exposed data includes names, dates of birth, addresses, contact details, Medicare numbers, private health insurance details, DVA or concession card numbers, and medical records such as consultation notes, referral letters and pathology results.
What has Partnered Health done in response?
Partnered Health engaged specialist cyber experts, reported the incident to the ACSC, OAIC and law enforcement, and obtained an interim injunction from the Supreme Court of New South Wales ordering that the stolen data not be used or published.
How can I find out if my records were accessed?
Partnered Health is directly contacting patients from the 21 impacted clinics. If you have not been contacted but believe your records may be affected, visit the company's official incident page at partneredhealth.com.au.
Caleb Reed

Caleb Reed

Caleb Reed covers breaking news and sport for Bushletter. Fast and verb-led, he writes with a news-wire cadence and no patience for PR spin.

Editor
The Bushletter editorial team. Independent business journalism covering markets, technology, policy, and culture.
Read us first

Make us a preferred source on Google

One tap surfaces our reporting at the top of your Google Top Stories and AI answers. You can change it any time.

Add as a preferred source on Google
What's your reaction?