Manage My Health (MMH) has provided a comprehensive update on its ongoing investigation into the cyberattack first reported on December 30, 2025. The breach impacted a segment of the organization’s user base, prompting swift action from MMH, Health New Zealand, and law enforcement agencies. In its January 5, 2026 statement, MMH acknowledged the concern caused to healthcare providers and patients. The company described the incident as a criminal attack on its systems and expressed regret for any distress caused. MMH confirmed it is working closely with New Zealand Police, Health New Zealand, and other authorities to manage the situation.
“Our immediate focus was securing systems, safeguarding patient data, and validating information before communicating with practices and patients,” MMH stated. The organization reiterated its commitment to transparency and pledged to provide daily updates where possible, noting that legal and operational constraints may occasionally delay disclosures.
Key Findings from the Investigation
Independent forensic experts have determined that the attack targeted a specific module within the app—Health Documents—rather than the entire platform. Initial findings suggest that approximately 6–7% of MMH’s 1.8 million registered users may have had documents accessed. MMH emphasized that there is no evidence of unauthorized access to the core patient database, record tampering, or theft of login credentials. The company continues to work with cybersecurity specialists to identify affected documents and fully understand the breach.
In its January 3 update, MMH confirmed that the security gaps exploited by attackers have been closed. Additional measures, including stricter login attempt controls and enhanced document storage security, have been implemented. Users are encouraged to enable two-factor authentication through apps like Google Authenticator or Microsoft Authenticator for added protection.
Coordinated Response and Legal Action
MMH has begun notifying general practices and is providing secure lists of affected patients. Individual notifications will follow, coordinated with Health New Zealand, General Practice New Zealand (GPNZ), and Primary Health Organizations (PHOs). To prevent further exposure of sensitive data, MMH obtained High Court injunctions to block third-party distribution of compromised information. An international monitoring team is actively tracking known leak sites for any illicit publications. “The cyberattack is a criminal act, and any unlawful use of patient data will be pursued through legal channels,” MMH stated, while declining to comment on potential ransom demands, which remain under police investigation.
Support for Patients and Providers
MMH plans to launch a dedicated 0800 helpline and online support desk to assist affected individuals. Guidance for healthcare providers is also being prepared to ensure consistent and accurate communication across the sector.
CEO Vino Ramayah stressed the importance of restoring trust:
“We appreciate the patience of patients, practices, and partners as this complex investigation continues. Our priority remains transparency, system security, and appropriate support for all affected parties.” Independent forensic specialists are continuing their review, and MMH has pledged full cooperation with the Ministry of Health’s assessment. Findings are expected to inform broader improvements in cybersecurity standards across the health sector.
While MMH has taken immediate steps to secure its systems and support users, the investigation remains ongoing. Updates will be provided as forensic analysis and legal processes progress. The Cyber Express will continue monitoring this developing story.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
