iCare leaked nearly 200k workers' details

Employers were sent a spreadsheet containing the names, addresses, dates of birth and claims information of iCare customers, AAP has been told.

The personal details would usually only be sent to an individual's own employer.

A statement on iCare's website acknowledged a "privacy incident" occurred on the week of May 10 due to human error, which led to Employer Cost of Claims reports from April 2022 being issued to the wrong employer or broker".

"As soon as iCare was made aware of the incident, we took immediate action to rectify the matter," the statement said.

The insurer contacted employers sent the details in error and is in the process of confirming they delete the information.

The Privacy Commissioner of NSW is helping iCare and third-party IDCARE with the process. The State Insurance Regulatory Authority has been notified.

"We are contacting individuals concerning the incident and the steps we have taken to ensure the security of their information," iCare's statement said.

"We have also commenced a comprehensive review of our systems and processes to ensure it does not happen again."

Shadow Treasurer Daniel Mookhey called on the government to launch an independent investigation into the data leak, calling the size of the breach "frightening".

"A leak this big demands nothing less than an independent investigation," Mr Mookhey said.

"The 190,000 workers whose personal information iCare distributed far and wide deserve answers about why this happened."

Labor's industrial relations spokeswoman Sophie Cotsis said iCare needs to contact all the affected workers.

"A vague statement by iCare on its website doesn't cut it," Ms Cotsis said.

"They need to know their privacy has been compromised.

"They might now have to take steps to protect themselves."