Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsHealth and fitnessManageMyHealth Data Breach
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | ... | 29
kiwifidget
"Cookie"
3643 posts

Uber Geek
+1 received by user: 1971

Lifetime subscriber

  #3450272 6-Jan-2026 09:46
Send private message quote this post

cddt:

 

geek3001:

 

In my case, I am blessed or cursed depending how one looks at it, with having a very uncommon last name.

 

While I have a reasonably common first name, my full legal name makes me unique in NZ - I am the only person with those names out of five million people.

 

Worldwide, there are not too many people with the same name as me.

 

Put simply, if my personal details and information are part of an information breach and become publicly available, it is almost guaranteed that the information is actually about me rather than someone else with the same name.

 

I am quite sure that I am not alone in this regard, I would say there are plenty of other people out there with relatively unique names too.

 

 

Same problem here. I am the only person with the same first and last name combination in NZ. Let alone middle names! 

 

 

u-neek geeks 😀




Delete cookies?! Are you insane?!



geek3001
224 posts

Master Geek
+1 received by user: 334

ID Verified
Subscriber

  #3450273 6-Jan-2026 09:48
Send private message quote this post

Just logged in, no prompt to change password, however I have already done so since the breach was announced, so they may only be prompting those that have passwords older than whatever measure they have determined.

 

UI very sluggish, took nearly a minute for the dashboard to appear and that was jittery as it loaded.

 

Presumably their system is very busy with people using it, or they have implemented extra logic routines in the background.

geek3001
224 posts

Master Geek
+1 received by user: 334

ID Verified
Subscriber

  #3450274 6-Jan-2026 09:49
Send private message quote this post

kiwifidget:

 

u-neek geeks 😀

 

 

Ha ha, yes 😀



matthewperrin
22 posts

Geek
+1 received by user: 11


  #3450279 6-Jan-2026 10:05
Send private message quote this post

djtOtago:

 

Logged in yesterday ok, but today they are prompting me to change password.

 

 

Same here, funnily enough they let you restore it to the exact same password 🤣.

 

Completely and utterly incapable company and employees.

 

Also no explanation as to why they want people to change passwords. Salt leak, plaintext, dictionary attack vulnerability, or other reasons - trying to come across as not totally incompetent?

 

No response to their victims whether they protected us or not either. Scumbag company.

Edit: Previously document downloads were done directly to a CDN and now they are delivered via a new asp.net script which proxies the data to the browser presumably through some authenticated background mechanism - which then uses a normal download simulation to write it to disc.

MikeB4
MikeB4
18777 posts

Uber Geek
+1 received by user: 12769

ID Verified
Trusted
Subscriber

  #3450282 6-Jan-2026 10:15
Send private message quote this post

Received an email and prompt to change email. With no real explanatory communication from ManageMyHealth how am I to know this is not bad actors spoofing MMH. 




Here is a crazy notion, lets give peace a chance.

geek3001
224 posts

Master Geek
+1 received by user: 334

ID Verified
Subscriber

  #3450291 6-Jan-2026 10:19
Send private message quote this post

matthewperrin:

 

djtOtago:

 

Logged in yesterday ok, but today they are prompting me to change password.

 

 

Same here, funnily enough they let you restore it to the exact same password 🤣.

 

 

Confirmed.

 

I have just reset my password, to the current password, so no change made.

 

What the actual f%#&

 

Absolute demonstration of security incompetence.

 

What's the point of changing the password to the same value.

 

Are they even running the "new" password through a previous password(s) check or even encrypting them at all?

 
 
 
 

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).
eracode
Smpl Mnmlst
9348 posts

Uber Geek
+1 received by user: 6230

ID Verified
Trusted
Lifetime subscriber

  #3450292 6-Jan-2026 10:20
Send private message quote this post

MikeB4:

 

Received an email and prompt to change email. 

 

 

Change email or password?




Sometimes I just sit and think. Other times I just sit.

MikeB4
MikeB4
18777 posts

Uber Geek
+1 received by user: 12769

ID Verified
Trusted
Subscriber

  #3450295 6-Jan-2026 10:22
Send private message quote this post

Linux:

 

@matthewperrin OTT reaction. I don't think they will pay and personally I don't think they should

 

You make it sound like the world is about to explode

 

 

it may seem OTT but when your health and wellbeing is closely linked to a service like this any incident of this nature it can deeply impact you. Anxiety and stress can elevate very quickly. Empathy is the best approach to anyone clearly impacted by this.




Here is a crazy notion, lets give peace a chance.

MikeB4
MikeB4
18777 posts

Uber Geek
+1 received by user: 12769

ID Verified
Trusted
Subscriber

  #3450299 6-Jan-2026 10:25
Send private message quote this post

eracode:

 

MikeB4:

 

Received an email and prompt to change email. 

 

 

Change email or password?

 

 

and give a bad actor my new login and password. 




Here is a crazy notion, lets give peace a chance.

Linux
12212 posts

Uber Geek
+1 received by user: 8493

Trusted
Lifetime subscriber

#3450301 6-Jan-2026 10:30
Send private message quote this post

MikeB4:

 

Linux:

 

@matthewperrin OTT reaction. I don't think they will pay and personally I don't think they should

 

You make it sound like the world is about to explode

 

 

it may seem OTT but when your health and wellbeing is closely linked to a service like this any incident of this nature it can deeply impact you. Anxiety and stress can elevate very quickly. Empathy is the best approach to anyone clearly impacted by this.

 

 

@MikeB4 Go back and read what they wrote! My data is on MMH as well

 

8 hours to pay or we're doomed

Nice knowing you all

matthewperrin
22 posts

Geek
+1 received by user: 11


  #3450302 6-Jan-2026 10:33
Send private message quote this post

Manage My Health Careers

 

Hoping to see new job opportunities arise out of this!

 
 
 
 

Shop now for Dyson appliances (affiliate link).
MikeB4
MikeB4
18777 posts

Uber Geek
+1 received by user: 12769

ID Verified
Trusted
Subscriber

  #3450304 6-Jan-2026 10:39
Send private message quote this post

@Linux I was addressing your point about "OTT" in general and thats it. Maybe we should consider the other side of the keyboard and moderate ones comments to take into account how others may be affected and the impact upon them, I include myself in this as well.

 

 




Here is a crazy notion, lets give peace a chance.

alasta
6896 posts

Uber Geek
+1 received by user: 3376

Trusted
Subscriber

  #3450307 6-Jan-2026 10:55
Send private message quote this post

MikeB4:

 

Received an email and prompt to change email. With no real explanatory communication from ManageMyHealth how am I to know this is not bad actors spoofing MMH. 

 

 

I just received an automated email from ManageMyHealth to notify me about a communication that has just been sent out by my GP practice. It has a hyperlink which appears to be legitimate, but seriously, have they not considered that this is conditioning people to clicking on links in the phishing emails that are likely to result from this data breach? 

 

As for the communication from my GP practice, it basically just says "we don't know whether our patients have been affected but MMH will contact your directly if you are affected". So, no new information there!

geek3001
224 posts

Master Geek
+1 received by user: 334

ID Verified
Subscriber

  #3450312 6-Jan-2026 11:02
Send private message quote this post

alasta:

 

I just received an automated email from ManageMyHealth to notify me about a communication that has just been sent out by my GP practice. It has a hyperlink which appears to be legitimate, but seriously, have they not considered that this is conditioning people to clicking on links in the phishing emails that are likely to result from this data breach? 

 

As for the communication from my GP practice, it basically just says "we don't know whether our patients have been affected but MMH will contact your directly if you are affected". So, no new information there!

 

 

Surely if competent, qualified people experienced in dealing with this sort of thing are actually involved in the response, they would have made it very clear to not have clickable links in any email comms.

 

Given the high risk of phishing emails, any legit email comms should not have any links from now on, and should tell the recipient to go to the site manually and logon to access the info they are being told is there for them to read.

xpd

xpd
Geek of Coastguard
14124 posts

Uber Geek
+1 received by user: 4589

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #3450317 6-Jan-2026 11:12
Send private message quote this post

I've had absolutely 0 comms from MMH or GP regarding the breach.

 

Like it never happened..... 

 

 

 

 

 




XPD / Gavin

 

LinkTree

 

 

 

1 | ... | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | ... | 29
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright