Private patient details released after cyber attackers stole data on up to 450,000 people


Up to 450,000 people could have had their private information compromised after attackers stole private health data from the Pinnacle Midlands Health Network.
Photo: 123rf

A North Island health network that has been targeted by a cyberattack says private patient information has now been publicly uploaded to the internet.

Hackers stole data on up to 450,000 people from the Pinnacle Midlands health network around a fortnight ago.

The company’s chief executive, Justin Butcher, said he had been informed in the past 24 hours that the stolen information had been made public by what he called malicious actors.

More information was also revealed on the type of information collected – this was data on past and present patients, including hospital services used, and vaccination and screening statuses.

Butcher said an investigation into the attack is ongoing and the company is working with police and the privacy commissioner.

He said noon report the stolen information had been posted on the dark web, but he understood that it was not readily available to anyone who simply searched Google.

It was not yet clear who the attackers were, why Pinnacle had been targeted, or if the information had been used, or what the attackers might intend to use it for.

The details released included patients’ addresses, their NHI (National Health Index) ID numbers, “high-level data on hospital services” and services provided by Pinnacle, and information sent to practices to support care. to patients.

The health centers are based in the regions of Waikato, Taranaki and Tairāwhiti.

Butcher said a helpline had been set up, which was run by identity and cyber-help experts ID Care, and was available by calling 0800 121 068.

“We strongly recommend that anyone concerned about their data contact them.

“They will receive information on how they can stay safe in an online environment… how to protect themselves and be vigilant online.”

Those tips could include how to protect their passwords and emails, Butcher said.

As part of the response to the attack, Butcher said Pinnacle had “taken a number of steps with security experts to ensure the security of our computing platforms.”

He expected more news to be shared over the next few days.


Comments are closed.