New Zealand orders review after ManageMyHealth cyberattack affecting 100,000+

TL;DR

Health minister Simeon Brown has directed a government review into a cyberattack on ManageMyHealth that may have exposed sensitive patient records for well over 100,000 New Zealanders. The company says the incident is believed to be contained while independent forensics and law enforcement investigate claims by a threat actor who demanded a $60,000 ransom.

What happened

New Zealand's health minister has instructed a formal review into a cyber incident at ManageMyHealth, a private platform used by medical providers to access patient records. ManageMyHealth says it holds data for about 1.85 million people and estimates the breach affected roughly 6–7% of that user base; the minister highlighted that more than 100,000 patients could be implicated. The company states the breach is believed contained and has engaged independent digital forensics teams, the Privacy Commissioner, New Zealand Police and Health New Zealand while applying additional monitoring and security measures. A person using the name "Kazu" claimed responsibility on a cybercrime forum, asserting more than 428,000 files were taken and demanding a $60,000 ransom, later threatening public release. Snippets were posted on Telegram but links were flagged and removed. ManageMyHealth has sought an injunction to block dissemination of any stolen data and is advising users to strengthen account security as it investigates what was accessed or downloaded.

Why it matters

• Health records contain highly sensitive personal information that can have severe privacy and safety implications when exposed.
• An incident affecting more than 100,000 patients represents a large-scale compromise of nationally significant healthcare data.
• Stolen data can be used for identity theft, targeted scams, or other harmful misuse against patients and their families.
• The attack highlights gaps in protection for systems that hold integrated health records, prompting broader scrutiny of public and private data controls.

Key facts

• Simeon Brown, New Zealand's health minister, ordered a government review into the incident covering cause, scope, defenses and wider impacts.
• ManageMyHealth says it manages data for approximately 1.85 million New Zealand users and estimates 6–7% were affected.
• A threat actor using the name 'Kazu' claimed responsibility and demanded a $60,000 ransom, alleging more than 428,000 files were stolen.
• Kazu posted snippets on Telegram; those links were later flagged and are no longer usable.
• ManageMyHealth says the incident is believed contained and has engaged independent forensic investigators.
• The company is coordinating with the Privacy Commissioner, New Zealand Police and Health New Zealand on the response.
• ManageMyHealth applied for an injunction intended to prevent dissemination of any compromised data.
• Company guidance to users includes changing passwords, using authentication apps for multi-factor protection, and vigilance for scams.
• New Zealand's official stance on ransom payments aligns with Western allies: do not pay.

What to watch next

• Findings from the government's ordered review into the cause, scope and systemic implications of the breach.
• Results from independent forensic investigations clarifying what files were accessed versus downloaded and which individuals were affected.
• Legal outcome of ManageMyHealth's injunction application and whether any stolen data is publicly released or sold (not confirmed in the source).

Quick glossary

• Ransomware: Malicious software or an attack in which threat actors encrypt, exfiltrate, or block access to data and demand payment to restore or refrain from releasing it.
• Digital forensics: Specialized investigative work that examines computer systems and networks to determine how a security incident occurred and what was affected.
• Multi-factor authentication (MFA): A security measure that requires users to present two or more proofs of identity, such as a password plus a one-time code from an app.
• Injunction: A court order that can prohibit parties from taking specified actions, such as publishing alleged stolen material.
• Data breach: An incident where protected or confidential information is accessed, disclosed, or stolen by an unauthorized party.

Reader FAQ

How many people were affected?
ManageMyHealth estimates about 6–7% of its roughly 1.85 million users were impacted; the health minister cited more than 100,000 patients.

Has the company confirmed what specific data was taken?
ManageMyHealth says independent forensics are working to determine what was accessed or downloaded and has not confirmed specific data types.

Did ManageMyHealth pay the ransom?
Not confirmed in the source.

What should users do now?
The company recommends changing passwords, using authentication apps for multi-factor protection, and being cautious of potential scams or phishing attempts.

Is the government investigating?
Yes; the health minister ordered a review and the company is working with the Privacy Commissioner and New Zealand Police.

CYBER-CRIME New Zealand orders review into ManageMyHealth cyberattack Government 'incredibly' concerned about breach potentially affecting more than 100,000 patients Connor Jones Mon 5 Jan 2026 // 11:52 UTC New Zealand health minister Simeon Brown…

Sources

• New Zealand orders review into ManageMyHealth cyberattack
• New Zealand orders review into ManageMyHealth …
• ManageMyHealth hack: New Zealand's worst cybersecurity …
• Minister orders review into ManageMyHealth cyber breach

Related posts

• AI Deepfakes Impersonate Pastors to Scam Their Congregations
• Anna’s Archive Loses .org Domain in Unexpected Registry Suspension
• Techie turned the tables on office bullies with remote access rumble