A large North Island GP network has been hit by a cyber attack, with patient details potentially compromised.
The attack, which took place on 28 September, has hit Pinnacle Midlands Health Network's regional primary health care practices across Taranaki, Rotorua, Taupō-Tūrangi, Thames-Coromandel and Waikato.
Pinnacle does not hold information like GP notes, but does hold personal information such as names, addresses and National Health Index (NHI) numbers.
In a statement today, the company said the affected IT was immediately taken offline and contained.
But Pinnacle Incorporated chief executive Justin Butcher said it appeared that the hackers had accessed information, which could include commercial and personal details, from the system before the breach was notified.
"At this point in time, we cannot confirm what specific data or information may have been accessed, but we are working through a process to better understand that," Butcher said.
"This will take time, however, we believe it is important to disclose this incident now, so we can support those people who have potentially been impacted."
External support partners came onboard to contain the incident and an investigation alongside authorities had been launched, he said.
"We have also laid a complaint with the police and are working alongside Te Whatu Ora and a number of other government agencies," Butcher said.
"We have put contingency plans in place and are working to understand exactly what happened and who has been impacted.
"We have notified the Office of the Privacy Commissioner."
While affected practices would continue to provide services, some patients might experience delays in contacting them, he said.
A freephone support line is expected to be set up for people wanting further information.
Health Minister Andrew Little earlier said the incident was being investigated.