"Patients may expect delays at our practices, patient notes are not at risk, as we only hold their NHI number, addresses and names.
"Unfortunately, malicious cyber activity is a constant threat and NZ is not exempt from it.
"The Privacy Commissioner has been informed and we are setting up a 0800 number for people to contact.
"We encourage people to be vigilant when online. As we are at an early stage of response and can't comment further."
Investigations are still under way, but he believes the attackers accessed information that could include commercial and personal details.
"This will take time. However, we believe it is important to disclose this incident now, so we can support those people who have potentially been impacted," he said.
"Our systems flagged the incident with us, and we were able to move swiftly to take the affected IT offline. We engaged external support partners and launched an in-depth investigation alongside relevant authorities.
"The affected IT was immediately taken offline and contained."
Butcher said they have laid complaints to police, Te Whatu Ora and other government agencies.
Pinnacle holds personal information such as names, addresses and national health index numbers.
Butcher said GP notes were not stored on their files.
He said the Office of the Privacy Commissioner has also been notified.
Practices that were affected are operating as normal with some delays.
"So, if you are needing care, please call your doctor or medical centre as you normally would," said Butcher.
Those wanting more information could call a freephone support line and details would also be shared as they became avalable to www.pinnacle.co.nz
"We know that people will rightfully be very concerned about this, and we want to ensure the public that Pinnacle takes our role as stewards of people's information seriously, and security is of utmost importance to us. Unfortunately, malicious cyber activity is a constant threat and New Zealand is not exempt from this," said Butcher.
