A North Island health network that has been targeted in a cyber attack says private patient information has now been publicly uploaded to the internet.
Hackers stole data on up to 450,000 people from Pinnacle Midlands Health Network about a fortnight ago.
The company's chief executive Justin Butcher said it was notified within the last 24 hours that the stolen information had been made public by what he called malicious actors.
More information had also come to light about the type of information taken - it involved data about past and present patients, including hospital services used, and immunisation and screening statuses.
Butcher said an investigation into the attack was ongoing, and the company was working with police and the Privacy Commissioner.
He told Midday Report the stolen information had been posted on the dark web, but he understood it was not easily available to anyone who simply did a Google search.
It was not yet known who the attackers were, why Pinnacle was targeted or whether the information had been used, or what the attackers could be planning to use it for.
Details released included patients' addresses, their NHI (National Health Index) identification numbers, "high level data about hospital services" and services provided by Pinnacle, as well as information sent to practices to support the care of patients.
The health centres are based in the Waikato, Taranaki and Tairāwhiti areas.
Butcher said a helpline had been set up, which was being run by identity and cyber support experts ID Care, and was available by calling 0800 121 068.
"We'd strongly recommend that anyone concerned about their data reach out to them.
"They'll be provided with information about how they can stay safe in an online environment ... how to keep yourself safe and be vigilant online."
That advice might include how to protect their passwords and emails, Butcher said.
As part of the reaction to the attack, Butcher said Pinnacle had "taken a number of steps with security experts to ensure that our IT platforms are safe".
He was expecting that more news could be shared over the next few days.
Technology commentator and Gorilla Tech CEO, Paul Spain, told Checkpoint the incident had been a case of an organisation deciding not to pay criminals a ransom and private information then being released on the internet.
He said if the information had been stored properly it should have been encrypted in a similar way that banks store private details, making it hard for hackers to steal.
"When we have our personal information stored with an organisation like a health provider, it's similar in some ways to putting money in the bank.
"We expect these organisations to keep what we put with them safe and so when what should be a trusted organisation isn't able to keep our private information safe, then that really erodes trust, and it can lead to situations where we see identity theft."