Massive Data Breach Exposes Health Information of Nearly 100,000 New Zealanders

Massive Data Breach Exposes Health Information of Nearly 100,000 New Zealanders

First seen 26 May 2026, 19:11 UTC WaateanewsRnz.Co.NzThespinoff.Co.Nz1News.Co.NzScoop.Co.Nz+3 85% similarity 69.0

Article Content

Browse articles
ThreatCluster

In December 2025, the Manage My Health platform suffered a significant cyber attack, compromising sensitive health data of approximately 100,000 New Zealanders. The breach was attributed to inadequate security safeguards, including poor monitoring and risk management practices. Most affected individuals were located in Northland, with many being Māori, due to a unique data-sharing arrangement between Health NZ and Manage My Health. The Privacy Commissioner found both organizations breached the Privacy Act and intends to issue compliance notices requiring improvements. The breach was described as preventable, with researchers noting that the attack was neither sophisticated nor uncommon. Reports indicate that the stolen data included clinical notes and personal documents, raising concerns about potential identity theft and blackmail. The Ministry of Health is now implementing stronger cybersecurity measures across the health sector in response to the incident.

Key Points: • Nearly 100,000 New Zealanders' health data was compromised in a major breach. • The attack exploited weak security practices and a unique data-sharing arrangement. • The Privacy Commissioner plans to enforce compliance notices to improve security measures.

ThreatCluster AI

Timeline

2025-12-01
Cyber attack on Manage My Health
Hackers accessed sensitive health data, leading to the theft of records from nearly 100,000 patients.
1News
2026-05-26
Privacy Commissioner releases Phase 1 findings
The inquiry found that Manage My Health and Health NZ breached the Privacy Act due to inadequate security safeguards.
Waateanews
2026-05-27
Ministry of Health announces cybersecurity reforms
In response to the breach, the Ministry is implementing stronger cybersecurity measures and independent assessments for third-party suppliers.
Nzdoctor.Co.Nz

Community

Browse all →