Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsHealth and fitnessManageMyHealth Data Breach
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | ... | 29
networkn
Networkn
32871 posts

Uber Geek
+1 received by user: 15468

ID Verified
Trusted
Lifetime subscriber

  #3450167 5-Jan-2026 21:13
Send private message quote this post

geek3001:

 

Fair point, for NZ and friendly countries.

 

What about "unfriendly" countries and the remaining instances? That's where the data will be available from.

 

Will the injunction require ISPs to block access to said sites?

 

Apologies if I sound argumentative, that is not my intention.

 

I'm just very fearful that the data will be out there for those that wish to go get it and then misuse it, with it probably being refreshed from the dark web.

 

In that sense the damage is done and there is quite possibly no solution unless appropriate international authorities can help to conclusively take down every instance that appears.

 

 

You might be surprised who co-operates in a situation like this. There is a fair amount of back channel stuff that goes on.  You rub my back and I'll rub yours type thing. 

 

Either way, whilst I understand the fear, it serves no purpose as you have no control over this situation. An exceptionally small amount of the data that is leaked, is ever used or recognised by anyone who would care about it. 

 

 



matthewperrin
22 posts

Geek
+1 received by user: 11


#3450171 5-Jan-2026 21:31
Send private message quote this post

The completely and utterly incompetent idiots at MMH have 8 hours to pay or we're doomed.

Nice knowing you all.

gzt

gzt
18689 posts

Uber Geek
+1 received by user: 7827

Lifetime subscriber

  #3450174 5-Jan-2026 22:26
Send private message quote this post

Beccara: I can't help but feel like this level of attention and public backlash wasn't present for the Waikato DHB and Tu Ora breaches. With the Waikato breach potentially being 80,000 people and The Tu Ora breach potentially had 1 million people's records at risk. Both incidents had a similar level of messaging (or lack thereof).

The main difference is that Manage My Health has a public facing website and app where users can review their recent health information and make appointments etc. Users intuitively understand what is at stake there.

Also, a good proportion of the country receives regular spam-like email reminders to sign into Manage My Health even though they have never used it and there's no real need*

*other than the very worthwhile reason wider use reduces admin cost for your GP.



Linux
12188 posts

Uber Geek
+1 received by user: 8480

Trusted
Lifetime subscriber

  #3450175 5-Jan-2026 22:35
Send private message quote this post

matthewperrin:

 

The completely and utterly incompetent idiots at MMH have 8 hours to pay or we're doomed.

Nice knowing you all.

 

 

@matthewperrin OTT reaction. I don't think they will pay and personally I don't think they should

 

You make it sound like the world is about to explode

matthewperrin
22 posts

Geek
+1 received by user: 11


  #3450178 5-Jan-2026 22:56
Send private message quote this post

Linux:

 

@matthewperrin OTT reaction. I don't think they will pay and personally I don't think they should

 

You make it sound like the world is about to explode

 

 

It is for some, and that includes me.
Maybe use your brain before being completely and utterly selfish.
When we talk to our doctors or visit hospitals and emergency rooms - there is an expectation of privacy in most of those settings.
If you don't understand how releasing everything ever said in those contexts is harmful, then you are insane.
And for many people, this feature is where a lot of that information was stored.

Also note that medical records often repeat components of other records meaning that even a single uploaded document could expose dangerous secrets about a person which could lead to their death.

mattwnz
20520 posts

Uber Geek
+1 received by user: 4797


  #3450182 6-Jan-2026 00:53
Send private message quote this post

gzt: 

Also, a good proportion of the country receives regular spam-like email reminders to sign into Manage My Health even though they have never used it and there's no real need*

*other than the very worthwhile reason wider use reduces admin cost for your GP.

 

The question is if the medical practice makes it a requirement to have an account with one of these external providers or not. My medical practice doesn't even offer bookings through it. The only advantage is repeat prescriptions can be ordered. But it would cost the same whether I phoned them, despite the reduced admin costs for the practice. 

 
 
 
 

Shop now for Lenovo laptops and other devices (affiliate link).
Shindig
1622 posts

Uber Geek
+1 received by user: 362

Trusted

  #3450190 6-Jan-2026 07:26
Send private message quote this post

How do we start legal proceedings against MMH?




The little things make the biggest difference.

eracode
Smpl Mnmlst
9334 posts

Uber Geek
+1 received by user: 6203

ID Verified
Trusted
Lifetime subscriber

  #3450191 6-Jan-2026 07:27
Send private message quote this post

Shindig:

 

How do we start legal proceedings against MMH?

 

 

Instruct a lawyer.




Sometimes I just sit and think. Other times I just sit.

geek3001
221 posts

Master Geek
+1 received by user: 331

ID Verified
Subscriber

  #3450240 6-Jan-2026 08:05
Send private message quote this post

networkn:

 

geek3001:

 

Fair point, for NZ and friendly countries.

 

What about "unfriendly" countries and the remaining instances? That's where the data will be available from.

 

Will the injunction require ISPs to block access to said sites?

 

Apologies if I sound argumentative, that is not my intention.

 

I'm just very fearful that the data will be out there for those that wish to go get it and then misuse it, with it probably being refreshed from the dark web.

 

In that sense the damage is done and there is quite possibly no solution unless appropriate international authorities can help to conclusively take down every instance that appears.

 

 

You might be surprised who co-operates in a situation like this. There is a fair amount of back channel stuff that goes on.  You rub my back and I'll rub yours type thing. 

 

Either way, whilst I understand the fear, it serves no purpose as you have no control over this situation. An exceptionally small amount of the data that is leaked, is ever used or recognised by anyone who would care about it. 

 

 

Thank you for your insights, which I do appreciate :-)

 

In my case, I am blessed or cursed depending how one looks at it, with having a very uncommon last name.

 

While I have a reasonably common first name, my full legal name makes me unique in NZ - I am the only person with those names out of five million people.

 

Worldwide, there are not too many people with the same name as me.

 

Put simply, if my personal details and information are part of an information breach and become publicly available, it is almost guaranteed that the information is actually about me rather than someone else with the same name.

 

I am quite sure that I am not alone in this regard, I would say there are plenty of other people out there with relatively unique names too.

 

I have been around since the very early days of the Internet and have made darn sure that I have been very careful about where and why I put any personal information under my control. It may surprise some to know that I have no social media accounts at all, a decision I made when these services first started, and something which has created some interesting communication issues for me among friends etc, but that is/was my choice way back when and I remain comfortable with it.

 

My daily, monthly and annual personal data backups that are in the cloud are heavily encrypted at rest so if any breach occurs there, hopefully my data is inaccessible so I don't need to be concerned about it should that happen.

 

I have a very dim view of incompetent organisations that do not properly manage personal data, especially where the data can these days so easily find its way on to the public Internet.

lchiu7
6521 posts

Uber Geek
+1 received by user: 543

Trusted

  #3450246 6-Jan-2026 08:32
Send private message quote this post

mattwnz:

 

gzt: 

Also, a good proportion of the country receives regular spam-like email reminders to sign into Manage My Health even though they have never used it and there's no real need*

*other than the very worthwhile reason wider use reduces admin cost for your GP.

 

The question is if the medical practice makes it a requirement to have an account with one of these external providers or not. My medical practice doesn't even offer bookings through it. The only advantage is repeat prescriptions can be ordered. But it would cost the same whether I phoned them, despite the reduced admin costs for the practice. 

 

 

I have an account with MMH which isn't mandatory for my GP practice but does make life a bit easier. For example for lab tests, once the lab has sent them to the practice, the doctor has reviewed them and then uploaded to MMH I can see them in about a day from the tests. Mind you these are routine things like blood sugar, cholesterol etc.  I  can also request repeats which is easier than calling their number and specificying the meds over the phone to their voice attendant. 

 

 

 

It's been a while since I first registered but I think the only link between MMH data and the GP database is the NHI number.  None of my patient records are in MMH - viz. the Dr notes, only lab results and letters from specialists who, after performing an examination, send over a letter to the practice and they upload it to MMH.

 

If my particular details were leaked, while being immensely annoyed, I don't think would embarrass me except some people would say, he needs to cut down his sugar :-(




Staying in Wellington. Check out my AirBnB in the Wellington CBD.  https://www.airbnb.co.nz/h/wellycbd  PM me and mention GZ to get a 15% discount and no AirBnB charges.

gzt

gzt
18689 posts

Uber Geek
+1 received by user: 7827

Lifetime subscriber

  #3450249 6-Jan-2026 08:49
Send private message quote this post

lchiu7: If my particular details were leaked, while being immensely annoyed, I don't think would embarrass me except some people would say, he needs to cut down his sugar :-(

Likewise. The thing is, as the poster above points out, that information can end up being hoovered up and provided by legitimate information brokers to inform 3rd party decision making that you have no visibility over. For example, insurance denial or increased cost which may in turn affect travel or employment cost assessment. In general there's really no way to predict future random uses of the information once it's out there.

 
 
 
 

Shop now on AliExpress (affiliate link).
cddt
1970 posts

Uber Geek
+1 received by user: 1905


  #3450252 6-Jan-2026 08:52
Send private message quote this post

geek3001:

 

In my case, I am blessed or cursed depending how one looks at it, with having a very uncommon last name.

 

While I have a reasonably common first name, my full legal name makes me unique in NZ - I am the only person with those names out of five million people.

 

Worldwide, there are not too many people with the same name as me.

 

Put simply, if my personal details and information are part of an information breach and become publicly available, it is almost guaranteed that the information is actually about me rather than someone else with the same name.

 

I am quite sure that I am not alone in this regard, I would say there are plenty of other people out there with relatively unique names too.

 

 

Same problem here. I am the only person with the same first and last name combination in NZ. Let alone middle names! 

Ge0rge
2114 posts

Uber Geek
+1 received by user: 2060

Trusted
Lifetime subscriber

  #3450255 6-Jan-2026 09:00
Send private message quote this post

Interesting to note that the RNZ article about the deadline passing has a screenshot showing the deadline as being 2026-1-15. 

FineWine
3115 posts

Uber Geek
+1 received by user: 2447

Trusted
Nurse (R)
Lifetime subscriber

  #3450263 6-Jan-2026 09:27
Send private message quote this post

Have not read the entire topic, so don't know if this has already been mentioned. It appears MMH is now asking, at login, for users to change their password using an email sent verification code.

 

Also noticed server response times are slow, so be patient.




Whilst the difficult we can do immediately, the impossible takes a bit longer. However, miracles you will have to wait for.

djtOtago
1181 posts

Uber Geek
+1 received by user: 605


  #3450269 6-Jan-2026 09:38
Send private message quote this post

Logged in yesterday ok, but today they are prompting me to change password.

1 | ... | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | ... | 29
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright