The nation’s largest not-for-profit health and aged care provider has launched an investigation into whether the data breach continues after it detected the cyber security attack on Tuesday.

“St Vincent’s immediately took steps to contain the incident, engaged external security experts, and notified all relevant state and federal governments and the necessary agencies,” a spokesman for St Vincent’s said in a statement on Friday.

“Late on Thursday, 21 December, St Vincent’s found evidence that cyber criminals had removed some data from our network.

“St Vincent’s is working to determine what data has been removed.”

While the health provider is continuing to investigate the cause of the attack, no patient records seem to have been targeted at the time of publication.

“Key activities include securing and containing the incident, understanding what the cyber criminals have done and identifying what data may have been accessed and stolen,” the spokesman said.

“To date, this incident has not affected the ability of St Vincent’s to deliver the services our patients, residents, and the broader community rely on across our hospital, aged care and virtual and home health networks.

“Our priority is the health and safety of our patients, residents, and our people and the continuity of St Vincent’s services for the community.”

Acting National Office of Cyber Security co-ordinator Hamish Hansford confirmed on X, formally known as Twitter, on Thursday that his team was working with St Vincent’s Health Australia.

“My team is working with Services Australia, the Department of Health and Aged Care and relevant state and territory agencies to ensure a co-ordinated government response to this incident and to mitigate any flow-on effects,” Mr Hansford said.

“The Australian Signal’s Directorate’s Australian Cyber Security Centre is also working closely with St Vincent’s.

“St Vincent’s has taken immediate steps to contain the incident and is prioritising the health and safety of its patients and people and the continuity of services for the community.

“We’re advised that this incident has not affected the ability of St Vincent’s to deliver their important services to patients, residents, and the broader community across their hospital, aged care, and virtual and home health networks.

“I know these incidents are distressing for those affected.

“We are focused on assisting St Vincent’s to consider and address impacts arising from this incident.”

Speaking in Cairns, Anthony Albanese said he hadn’t been briefed on the cyber attack but would “get an appropriate briefing” when possible.

“Cybersecurity is a major issue,” the Prime Minister said.

“All of the predictions are for increased threats when it comes to cybersecurity, which is why my government takes these issues so seriously.”

Mr Albanese recently announced improved measures to fight cybercriminals.

Originally published as St Vincent’s Health targeted in cyber attack