Update on the Manage My Health Cyberattack Investigation
Overview of the Incident
Manage My Health (MMH) has provided a comprehensive update regarding the ongoing investigation into a cyberattack initially reported on December 30, 2025. This incident has had repercussions for a segment of the organization’s users, sparking immediate responses from MMH, Health New Zealand, and local law enforcement agencies.
In a statement released on January 5, 2026, MMH expressed regret for the anxiety and concern this attack has caused among healthcare providers and patients alike. The organization characterized the attack as a serious criminal act aimed at its systems, and it has since been actively collaborating with New Zealand Police and Health New Zealand, as well as other pertinent authorities, to address the situation effectively.
Addressing Patient Concerns
MMH has stated that its top priority was to secure its systems, protecting sensitive patient information while ensuring that communication to healthcare practices and patients remained accurate. The organization reiterated its commitment to transparency, promising to issue daily updates when feasible. However, legal and operational restrictions may occasionally delay the public release of information.
Understanding the Cyberattack
An independent forensic analysis revealed that the cyberattack specifically targeted a module within the Manage My Health application known as Health Documents, rather than compromising the entire platform. Initial findings suggest that approximately 6–7% of its 1.8 million registered users could have had their documents accessed during the breach.
Importantly, MMH clarified that there is no evidence indicating unauthorized access to the core patient database, nor is there any indication of record modifications, deletions, or theft of user login details. The organization continues to engage cybersecurity experts to assess which documents were affected, striving for a thorough understanding of the data breach.
Security Upgrades Implemented
Following the incident, MMH reported it has identified and rectified the specific vulnerabilities that led to unauthorized access. As of January 3, 2026, the organization has implemented additional security measures, including stricter monitoring of login attempts and enhanced storage protocols for health documents. Users are encouraged to activate two-factor authentication via compatible applications such as Google Authenticator and Microsoft Authenticator to bolster account security further.
Coordinated Communication Strategy
In the wake of the data breach, MMH has initiated communication with general practices, providing them with secure and confidential lists of affected patients. Notifications to impacted individuals are expected to commence soon, aligned with collaborative efforts from Health New Zealand, General Practice New Zealand (GPNZ), and relevant Primary Health Organizations (PHOs).
MMH has also taken steps to prevent the further dissemination of compromised information. High Court injunctions have been secured to halt third parties from distributing potentially sensitive data. An international monitoring team is also actively tracking known leak sites to preemptively address any unauthorized publications.
Legal Measures and Support for Affected Parties
The organization has made it clear that the cyberattack represents criminal activity, and any illicit use of patient data will be pursued through legal channels. While MMH has refrained from commenting on potential ransom demands that are currently being investigated by New Zealand Police, the emphasis remains on legal ramifications for any unlawful actions related to the breach.
To assist those affected, MMH plans to establish a dedicated helpline and online support desk. The organization is committed to providing clear, consistent guidance for healthcare providers who may receive inquiries from patients, ensuring accurate communication through the healthcare network.
Commitment to Transparency and Cybersecurity Improvement
CEO Vino Ramayah underscored the essential role of restoring public confidence amidst the ongoing investigation. He expressed gratitude for the patience exhibited by patients and healthcare partners as MMH navigates this complex issue. The organization’s focus remains firmly on transparency, enhancing system security, and ensuring adequate support for all affected stakeholders.
As independent forensic investigations continue, MMH is fully cooperating with a review by the Ministry of Health. Findings from this review are anticipated to lead to improvements not just within MMH but also across the broader healthcare sector, reinforcing cybersecurity standards and preparedness against future threats.
While MMH has implemented immediate measures to secure its systems and support impacted users, the investigation into the matter is ongoing. Updates will follow as the forensic analysis continues and as legal proceedings develop. The Cyber Express is closely following this story and will provide further updates as more information becomes available regarding the Manage My Health cyberattack and MMH’s response.
