"The protection of personal patient information is of the utmost importance ... patient privacy has not been compromised in this instance,"the spokeswoman said.
She also stressed there was no link between the encrypted data and any function relating to cardiac implantable electrical devices,such as pacemakers and defibrillators.
The spokeswoman would not say how many files had been affected or whether a ransom had been paid.
The latest hack is expected to fuel calls for the federal government to reinforce the nation's cyber defences,particularly email security.
This week,the Morrison government conceded federal parliament and major political parties'security systems had been compromised by what was believed to be a state-based cyber attack.
Professor Matt Warren,deputy director of Deakin University’s Centre for Cyber Security Research,said the data breach at Melbourne Heart Group was most likely a “ransomware” attack.
Someone,probably a staff member,using the hospital’s software could have inadvertently opened a corrupted link on a phishing email allowing ransomware,a form of malware,into the hospital’s system,Professor Warren said.
From there,the attackers encrypt sensitive information from hospital servers,essentially locking it away from access by medical staff.
“Then they say to the hospital ‘you must pay us to get your data back’,” Professor Warren said.
“It’s sophisticated in that you have to get the malware onto the hospital system,but once you have done that then it is relatively easy.
Loading
“Other than the cost it isn’t hard to be protected from this … organisations need to update and patch their security and systems regularly because the problem you have is the hackers'capabilities are becoming more sophisticated.”
These types of breaches stem from the worldwide “WannaCry” ransomware attack in May 2017.
One of the largest hit by this attack was Britain’s National Health Service,where it was estimated up to 70,000 hospital devices in England and Scotland were impacted.
Non-critical emergencies and some ambulances were turned away from hospitals hit by the attack,operations were cancelled and accident and emergency centres were closed.
The healthcare sector has become a preferred target for many online criminals after the Hollywood Presbyterian Hospital in Los Angeles revealed it paid $17,000 in bitcoin to hackers who had seized control of its computer network.
And the massive hack of US health insurance giant Anthem in 2015 – when the personal information of more than 79 million Americans was exposed – further identified the sector's vulnerability to data breaches and potential for identity theft.