Listen to this Post
Introduction: A Health System Shaken by a Cyber Incident
New Zealand’s healthcare sector is facing one of its most serious digital security incidents to date after a cyberattack targeted Manage My Health, a widely used online patient portal. The platform, relied upon by general practices across the country, allows patients to view medical records, manage appointments, and communicate with healthcare providers. When news broke that the system had been breached, concerns immediately escalated beyond technical disruption to the potential exposure of deeply sensitive personal health information.
Detected just days before the end of 2025, the incident triggered a coordinated response involving government agencies, law enforcement, and international forensic experts. As officials attempt to reassure the public that the threat has been contained, unanswered questions remain about how the breach occurred, how much data may have been accessed, and what this means for the future of digital health infrastructure in New Zealand.
The Cyberattack Comes to Light
The cyberattack against Manage My Health was detected on December 30, 2025. The timing, during a holiday period when many organizations operate with reduced staffing, immediately raised alarms about the potential scale and sophistication of the intrusion.
Within days, the breach was publicly acknowledged, and it drew sharp criticism from government officials. New Zealand’s Minister of Health, Simeon Brown, described the incident as “incredibly concerning,” signaling the seriousness with which the government viewed the potential risks to patient privacy and trust.
A National Response Mobilizes
Between January 1 and January 3, Manage My Health released a series of statements outlining its response. The company confirmed it was working closely with Health New Zealand, the New Zealand Police, other government agencies, and independent international forensic consultants.
This multi-agency response underscored the gravity of the situation. The involvement of international forensic experts suggested that authorities were treating the breach not as a routine incident, but as a potentially complex cybercrime with broader implications for national health data security.
Government Resources Thrown Into the Crisis
On January 5, Minister Brown addressed the media and confirmed that the government was deploying significant resources to support the response. He emphasized that Health New Zealand and General Practice New Zealand were heavily involved in assisting Manage My Health as it worked to contain and investigate the incident.
The minister’s comments made it clear that the government viewed this not merely as a private company’s problem, but as a systemic issue affecting the entire healthcare ecosystem.
Claims That the Threat Has Been Contained
In its latest public update, Manage My Health stated that the incident had been contained and that the application was secure. This reassurance was intended to calm both patients and healthcare providers who rely on the platform daily.
However, containment does not necessarily mean that no data was accessed or exfiltrated. The distinction between stopping an ongoing attack and assessing the damage already done became a critical point of concern.
Fears Over Patient Data Exposure
Despite assurances of security, Manage My Health acknowledged that personal data may have been accessed. In its first statement on January 1, the company revealed that between 6% and 7% of its approximately 1.8 million registered patients could have been affected.
This estimate translates to roughly 100,000 to 120,000 individuals, a figure large enough to constitute a significant national privacy incident. The potential exposure of medical records amplifies the seriousness, as health data is among the most sensitive categories of personal information.
An Attacker Steps Forward Online
Adding a new dimension to the incident, an alleged attacker using the alias “Kazu” claimed responsibility in a post on a cybercrime forum on December 30. The individual asserted that more than 428,000 files had been stolen during the breach.
The attacker reportedly demanded a ransom of $60,000, threatening to sell the data if payment was not made by January 15. This claim shifted the narrative from a generic breach to a ransomware-style extortion attempt.
Escalation Through Public Threats
The situation intensified on January 3 when Kazu posted a follow-up message on Telegram. In that message, the attacker warned that all stolen data would be publicly released within 48 hours if the ransom was not paid.
Such escalation tactics are common in ransomware incidents, designed to pressure organizations by leveraging fear, urgency, and public exposure.
Ministry of Health Launches a Review
In response, Minister Brown announced a formal review by the Ministry of Health. The review aims to examine not only how the breach occurred, but also what protections were in place and whether additional safeguards are needed across the health system.
Particular attention will be paid to third-party access to health data, a growing concern as healthcare increasingly relies on private digital platforms.
Emphasis on Protecting Sensitive Information
The minister stressed that the data involved is highly personal and sensitive. He made it clear that whether health data is held by public agencies or private companies, it must be protected by the strongest possible security and privacy measures.
This statement reflects a broader policy concern: digital convenience in healthcare must not come at the cost of patient confidentiality.
Manage My Health Welcomes Scrutiny
Manage My Health publicly welcomed the Ministry of Health review and pledged full cooperation. The company expressed hope that the findings and recommendations would benefit not only its own operations, but the entire healthcare sector.
This response positioned the company as a willing participant in systemic improvement, even as it faced criticism for the breach.
Legal Action to Limit Data Spread
In an effort to mitigate harm, Manage My Health obtained an injunction from the High Court. The injunction is intended to prevent third parties from accessing or distributing any data that may have been posted as a result of the incident.
While such legal measures cannot undo a breach, they can help limit further exposure and establish clear legal consequences for misuse of stolen data.
Pressure to Notify Affected Patients
Minister Brown emphasized that patients must be notified urgently. Transparency, he argued, is essential to maintaining trust and allowing individuals to take steps to protect themselves.
Manage My Health confirmed that it began notifying general practices on January 5, marking the first phase of its communication strategy.
How Notifications Will Be Handled
Each general practice is set to receive a confidential list of affected patients through a secure provider portal. Along with the list, practices will receive guidance on how to support patients who reach out with concerns or questions.
Direct patient notification is planned to follow later in the same week, once coordination with Health New Zealand, General Practice New Zealand, and individual practices is complete.
Avoiding Confusion in Communication
The company explained that notification timing requires careful coordination to avoid patients receiving multiple or conflicting messages from different organizations. Clear, consistent communication is seen as essential during a sensitive and stressful situation.
This cautious approach reflects lessons learned from past breaches, where poor communication often compounded harm.
Support Measures for Patients
Manage My Health and Health New Zealand also plan to establish a dedicated 0800 helpline for affected patients. Details such as the phone number and operating hours are expected to be released in a subsequent update.
The helpline is intended to provide reassurance, answer questions, and guide patients on any necessary next steps.
Government Criticism and Accountability
In his media address, Minister Brown did not mince words. He stated that what happened was unacceptable and placed responsibility squarely on Manage My Health.
He also urged the company to issue a formal apology to all affected patients and users, reinforcing the expectation of accountability.
An Apology Issued Amid Reflection
Manage My Health complied, issuing an apology in its latest statement. The company acknowledged the pain and anxiety caused to both providers and patients.
It also admitted that its communication could have been better, explaining that its initial priority was securing patient data and ensuring information accuracy before widespread disclosure.
A Broader Warning for the Health Sector
The minister concluded by noting that New Zealand urgently needs to improve how it safeguards medical data. The incident, he suggested, should serve as a wake-up call for the entire health system.
Learning from this breach, he emphasized, is essential to preventing similar incidents in the future.
What Undercode Say:
A Symptom of Deeper Structural Weaknesses
The Manage My Health incident is not just a standalone cyberattack; it highlights deeper structural weaknesses in how digital health platforms are governed and secured. As healthcare systems rapidly digitize, security often lags behind innovation, creating attractive targets for cybercriminals.
Third-Party Platforms Under the Microscope
One of the most critical aspects of this case is the reliance on third-party platforms to manage national-scale health data. While outsourcing can bring efficiency and innovation, it also introduces new attack surfaces and accountability challenges.
Ransomware as a Strategic Weapon
The attacker’s use of ransom demands and public threats aligns with modern ransomware tactics. Even relatively modest ransom amounts can be effective when attackers know that organizations fear reputational damage more than financial loss.
Trust as the True Cost
The real damage in health data breaches is not only financial or technical, but emotional and societal. Patients trust healthcare providers with their most intimate information. Once that trust is shaken, it is difficult to restore.
Communication Is as Important as Containment
Manage My Health’s admission that communication could have been better is significant. In cyber incidents, silence or delay often fuels speculation and panic. Clear, timely updates are as critical as forensic investigations.
Legal Tools Have Limits
The High Court injunction may deter some misuse of stolen data, but it cannot erase copies already in circulation. Legal remedies are important, yet they are inherently reactive in the face of digital breaches.
A Test for Government Oversight
The Ministry of Health review represents a crucial test of regulatory oversight. Its findings could shape future rules around certification, auditing, and monitoring of health technology providers.
The Need for Sector-Wide Standards
This incident strengthens the
🕵️📝✔️Let’s dive deep and fact‑check.
References:
Reported By: www.infosecurity-magazine.com
Extra Source Hub (Possible Sources for article):
https://www.linkedin.com
Wikipedia
OpenAi & Undercode AI
Image Source:
Unsplash
Undercode AI DI v2
Bing
🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeNews & Stay Tuned:
𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin | 🦋BlueSky | 🐘Mastodon
