On its web site, Symes de Silva mentioned its email server was hacked in April and malware was put in.
That malicious software program has since been eliminated and a forensic evaluation of the server has discovered no indicators any data has been obtained or misused.
The apply mentioned the email server contained some private data, which was probably uncovered for a time frame.
Personal particulars, together with names, dates of beginning, telephone numbers and addresses, had been held on the server, in addition to some well being data, similar to dental pictures and scans, referrals, details about procedures and insurance coverage claims.
A Symes de Silva spokesperson mentioned as quickly as they found the issue, the server was taken offline.
It has additionally carried out additional IT checks to make sure its techniques are safe.
The Privacy Commissioner has been notified.