Manage My Health has confirmed it is responding to a cyber security breach involving unauthorised access to its systems, triggering an investigation amid concerns over the platform’s widespread use across New Zealand.
In a statement published on its website, the company said it had identified the incident and had already taken steps to contain it. The breach is now under active investigation to determine what occurred and whether any information was affected.
“Manage My Health has identified a cyber security incident involving unauthorised access to our systems,” the company said. “The matter is under active investigation and containment steps have been taken.”
The company said it is working with its partners and relevant authorities and will provide further updates through formal statements as details are confirmed.
Manage My Health is one of New Zealand’s most widely used digital health platforms, with more than 1.85 million users since its launch in 2008. The online portal and mobile app are used by most health centres nationwide, allowing patients to book appointments, request repeat prescriptions, and access health records and laboratory results linked directly to doctors’ systems.
The company describes itself as a New Zealand-owned provider focused on simplifying access to healthcare and helping patients stay informed and engaged with their health.
At this stage, Manage My Health has not said whether patient data was accessed or compromised, or how many users may be affected. Further information is expected to be released as the investigation continues.
That’s it. I am cancelling mine. Should never have signed up to the damned thing. Forget digital ID! How safe could that be? Everything all your personal info linked. NO THANKS
If we all get government issued digital id’s it’ll be safe though, not just health information but everything about me is safe as houses? Cmon Luxon and team..bring it on. FFS..I can’t wait..I love the government they never get anything wrong.
Aaand, thats why I told my GP’s medical centre I wasn’t happy giving a third party my health records a year or 2 back.
What a dumpster fire Jacinda and her helpers made of the health system, which National has continued to f over.
Haven’t seen any doctor for over 7 years – so the only info on “Manage My Health” would have to be fake info. If you don’t trust the government, why engage with them and volunteer them your private info?
Is that the same as myindice.. ?
This entirely predictable cock up precisely highlights why a centralised Digital ID is a dangerously flawed stupid idea.
Hopefully Judith ‘it’s so convenient’ Collins will now wake up. She won’t obviously.
She’s not the queen on the chessboard, she’s one of the pawns.
Just doing what her bosses tell her to from behind the curtain, just like all the rest of them.
Judith sold out years ago.
I used to like her now she makes me sick with her support of gene editing, digital ID and wasting money fighting wars the people she is working for create and get us all to pay for. Disgusting laundering of our tax money which we don’t approve of.
‘Manage my Health’ soon to replaced by ‘Manage my Data Leak’.
I’m from the government and I’m here to help.
Critical information the media is not publishing and ManageMyHealth are keeping quiet:
The attack is a ransomware attack by and organized criminal organization called Kasu, who officially claimed responsibility on the 30th of December 2025
Data Stolen: The group claims to have exfiltrated 108 GB of data, consisting of 428,337 files.
Content of Files: According to the group’s leak site, the stolen information includes full names, medical records, test results, prescription data, appointment schedules, health history logs, and private communications with healthcare providers.
The Ultimatum: Kazu has set a ransom demand of $60,000 USD.
They have issued a deadline of January 15, 2026, threatening to release the “full dump” of data if a negotiation is not reached.
This portal cannot be trusted to keep vital and critical medical information secure if they are deliberately hiding the truth about how serious this breach is.
And this highlights the serious risks involved in allowing your information to be held by governments in the form of Digital ID. All digital systems can be hacked, and will be hacked.
Wow thanks for that. We need to get this info out to more people. Can you post on all social media’s? Out governments are lying to us, the MSM is lying to us and they want us to trust MORE digitisation of everything and everyone???? 😡
Who is “Kazu”?
Security researchers and threat debriefs from late 2025 provide the following profile of the group:
– Recent Emergence: First detected in September 2025, the group has quickly scaled its operations, targeting over 35 organizations in its first few months.
– Global Reach: While ManageMyHealth is a major New Zealand target, Kazu has primarily targeted government, military, and healthcare sectors across Southeast Asia, the Middle East, and Latin America.
– Tactics: They often gain access by exploiting vulnerabilities in internet-facing web applications or web hosting platforms rather than through traditional internal network infiltration.
– Healthcare Focus: ManageMyHealth is not their first medical target; in November 2025, they claimed a similar attack on Doctor Alliance, a U.S. healthcare technology platform.
Well I hope our bloody useless bureaucrats pay the bloody ransom otherwise I will sue them for actions that led to a breach of my personal data. In fact we should do a class action against the people who assured us this was safe.
Predicted this breach a while ago – scrap the app https://open.substack.com/pub/informedheart/p/manage-my-health-nz-app-with-global?r=q9aq0&utm_medium=ios&shareImageVariant=overlay
A very managed response to this data hacking – Jan 3