
…
…
World
Herz — World Desk · · 30s summary · 2 min read
A malicious actor accessed Partnered Health's systems, a network of 21 medical clinics in Australia, on June 23, 2026. Stolen data includes medical records, health insurance numbers, and patient names and contact details from Sydney, Melbourne, and Canberra. The company obtained an injunction from the New South Wales Supreme Court to block data disclosure. Experts warn this measure is insufficient to prevent sales on the dark web. Partnered Health refuses to disclose the number of affected individuals.
On June 23, 2026, a malicious actor accessed the systems of Partnered Health, operator of 21 medical clinics located in Sydney, Melbourne, and Canberra, Australia.
According to The Guardian, stolen data includes detailed medical information — consultation notes, referral letters, pathology and diagnostic results — as well as Medicare numbers, private health insurance details, patient names, dates of birth, and addresses.
Partnered Health declined to make public the number of affected individuals, arguing that disclosure would be contrary to patients' interests.
The incident was reported to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner — Australia's personal data protection authority — and law enforcement. Affected patients and stakeholders were contacted directly by the company.
Partnered Health obtained a provisional injunction from the New South Wales Supreme Court prohibiting the use or publication of accessed data.
However, Dr. Suelette Dreyfus, senior lecturer in information systems at the University of Melbourne, warns that this injunction will likely be unable to prevent data sales on the dark web.
Medical records sell for up to $250 USD each on black markets, compared to a few cents for basic personal data such as a name or address, making them particularly lucrative targets for cybercriminals.
In 2022, the personal data of 9.7 million current and former Medibank customers was published on the dark web after the Australian health insurer refused to meet hackers' financial demands.
The exact number of patients whose data was compromised is unknown. Partnered Health declined to communicate this publicly. The specific nature of the Medicare identifier targeted in the Australian context is not detailed in available verified sources.
Partnered Health is an Australian medical clinic operator present in Sydney, Melbourne, Canberra, and other cities. It manages at least 21 health centers.
No comments yet. Be the first to react.
Stolen data includes medical records (consultation notes, exam results, referral letters), health insurance numbers, as well as patient names, dates of birth, and addresses.
According to an expert at the University of Melbourne, the New South Wales Supreme Court injunction is unlikely to prevent data sales on the dark web.
Medical records can sell for up to $250 USD on black markets, compared to just a few cents for basic personal data. Their high value makes them a priority target.
Partnered Health indicates it has contacted affected individuals directly. Patients can check with their clinic or relevant Australian authorities for more information.