Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsHealth and fitnessManageMyHealth Data Breach
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | ... | 29
geek3001
221 posts

Master Geek
+1 received by user: 331

ID Verified
Subscriber

  #3450416 6-Jan-2026 17:07
Send private message quote this post


Ramayah described the major breach as a "password accessed intrusion".
"They came in through the front door using a valid user password."

 

https://www.rnz.co.nz/news/national/583319/manage-my-health-ceo-trust-us-even-though-we-ve-dropped-the-ball

 

 

If that report is true, trust level for MMH = zero.



xpd

xpd
Geek of Coastguard
14116 posts

Uber Geek
+1 received by user: 4579

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #3450420 6-Jan-2026 17:41
Send private message quote this post

A friend who has never used MMH got an email...

 

 




XPD / Gavin

 

LinkTree

 

 

 

matthewperrin
22 posts

Geek
+1 received by user: 11


  #3450421 6-Jan-2026 17:44
Send private message quote this post

raytaylor:

 

matthewperrin:

 

Further, my understanding is that all documents stored under the "My Health Documents" feature were compromised as they did not previously need the correct authentication to be accessed or otherwise listed and that would mean that all patients who have documents there are victims.

 

 

I just logged in and I dont have anything in the documents section. I expect this just has a database list of documents and points to the storage locations on some sort of azure storage space - and perhaps that storage space was unlocked or publicly accessible if you knew the correct URL format. 

 

I dont actually have any documents in there. It seems all my blood test results and messages from the A&E centre all come in via some sort of text based transfer system, probably an API, and not as actual word or pdf documents. 
Prescriptions all seem to be in plaint text format too. 

 

I have been going to the doctor more recently so it doesnt surprise me if I dont have any documents in there then its unlikely most people would - unless they have gone to a specialist or something. 
Even then, i went to a skin cancer specialist and there are no documents there either - they also came back as lab results in the text only format. 

 

So I am not surprised its less than 8% of users affected. 

 

 

Of course, I have explained all of this previously.

 

PACS, DICOM, HI7, etc - are not affected it seems. And yes, this is exactly why "only" 6-7% were affected for for those affected, it's all of those documents.

 

The police are criminally responsible for the publishing of our private information if they prevent MMH from paying and MMH are REQUIRED TO PAY.

 

The could not protect our data, they cannot be trusted to operate a New Zealand company, and they should pay this fine for the pleasure if having someone tell them how to do their job for them.



larknz
1978 posts

Uber Geek
+1 received by user: 382

ID Verified
Lifetime subscriber

  #3450422 6-Jan-2026 17:46
Send private message quote this post

I tried to close my MMH account yesterday because my  medical centre no longer uses it. However after going through the process the website said there was an error. So I can't cancel my account. 

matthewperrin
22 posts

Geek
+1 received by user: 11


  #3450424 6-Jan-2026 17:51
Send private message quote this post

various:

 

This is beginning to scream disgruntled former employee,

 

The ransom amount is small, the data hasn't been released and now we find out they used valid credentials to log in...

 

"Vino Ramayah told RNZ hackers who have seized hundreds of thousands of files from more than 120,000 patients "got in through the front door".
...
Ramayah described the major breach as a "password accessed intrusion".
"They came in through the front door using a valid user password."
The deadline for a $60,000 ransom was initially thought to expire early on Tuesday morning, but Ramayah confirmed that deadline has now shifted.

 

"From what we have understood from the tracking and the kind of announcements in the dark web which we are monitoring the deadline is 5am on Friday."
But he said deadlines had come and gone "many times" and out of principal he would not comment on what people put up on the dark web.

 

https://www.rnz.co.nz/news/national/583319/manage-my-health-ceo-trust-us-even-though-we-ve-dropped-the-ball

 

Just about to ask... so it wasn't an open bucket?

 

I mean... it might be someone able to log into with a valid password into a normal account but the normal account has access to all the files in the bucket.... so he's correct technically.

 

 

Exactly, everyone had access to everyone else's documents.

 

 

 

[Mod edit (MF): removed abuse]

Rikkitic
Awrrr
19071 posts

Uber Geek
+1 received by user: 16317

Lifetime subscriber

  #3450426 6-Jan-2026 18:17
Send private message quote this post

This is getting awfully personal. Until the full story is known, I would ease up on the individual attacks. 

 

 




Plesse igmore amd axxept applogies in adbance fir anu typos

 


 

 
 
 
 

Shop now for Dell laptops and other devices (affiliate link).
freitasm

BDFL - Memuneh
80657 posts

Uber Geek
+1 received by user: 41063

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3450427 6-Jan-2026 18:22
Send private message quote this post

Rikkitic:

 

This is getting awfully personal. Until the full story is known, I would ease up on the individual attacks. 

 

 

Came here to say this. The last couple of pages are not what I like seeing around here.

 

It's ok for people to express their dismay. It's ok for people to tell us their worries. It's ok for people to comment on how they see things going.

 

It's not ok for people to call names. It's not ok for people to jump on high horse when they don't know all the facts behind the story.

 

So, if you want to be able to comment more on this topic when more comes to light, stop calling people names.

 

Putting things in bold don't make them true either.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

matthewperrin
22 posts

Geek
+1 received by user: 11


  #3450434 6-Jan-2026 18:49
Send private message quote this post

Rikkitic:

 

This is getting awfully personal. Until the full story is known, I would ease up on the individual attacks. 

 

 

I kept records from a while ago poking around this exact feature of the website and toying around with it because I noticed odd behaviour especially with how it was renaming files.

 

I have very little sympathy for companies who cheat the system and who cheat Kiwis.

ZephireNZ
20 posts

Geek
+1 received by user: 9

Trusted
2degrees

  #3450438 6-Jan-2026 19:15
Send private message quote this post

This fun little soundbite from the MMH CEO on the news tonight:

 

"The actors intruded using an identity of an existing user, and they managed to penetrate and they did a lot of technical stuff"

 

I realise that the the 6pm news isn't going the place to get into any level of detail, but good lord...

imd6662
134 posts

Master Geek
+1 received by user: 22


  #3450445 6-Jan-2026 19:41
Send private message quote this post

I agree with Martin here.

 

Regardless of the (partly known) circumstances, what's more important is the bigger underlying tension between data privacy and data utility, and whether the IT industry, profession, community is part of the solution or the of the problemm.

 

 

 

freitasm:

 

Rikkitic:

 

This is getting awfully personal. Until the full story is known, I would ease up on the individual attacks. 

 

 

Came here to say this. The last couple of pages are not what I like seeing around here.

 

It's ok for people to express their dismay. It's ok for people to tell us their worries. It's ok for people to comment on how they see things going.

 

It's not ok for people to call names. It's not ok for people to jump on high horse when they don't know all the facts behind the story.

 

So, if you want to be able to comment more on this topic when more comes to light, stop calling people names.

 

Putting things in bold don't make them true either.

 

 

 

networkn
Networkn
32871 posts

Uber Geek
+1 received by user: 15463

ID Verified
Trusted
Lifetime subscriber

  #3450450 6-Jan-2026 20:02
Send private message quote this post

wellygary:

 

This is beginning to scream disgruntled former employee,

 

The ransom amount is small, the data hasn't been released and now we find out they used valid credentials to log in...

 

"Vino Ramayah told RNZ hackers who have seized hundreds of thousands of files from more than 120,000 patients "got in through the front door".
...
Ramayah described the major breach as a "password accessed intrusion".
"They came in through the front door using a valid user password."
The deadline for a $60,000 ransom was initially thought to expire early on Tuesday morning, but Ramayah confirmed that deadline has now shifted.

 

"From what we have understood from the tracking and the kind of announcements in the dark web which we are monitoring the deadline is 5am on Friday."
But he said deadlines had come and gone "many times" and out of principal he would not comment on what people put up on the dark web.

 

https://www.rnz.co.nz/news/national/583319/manage-my-health-ceo-trust-us-even-though-we-ve-dropped-the-ball

 

 

 

 

They likely have got those credentials via Phishing or some other social engineering. 

 
 
 
 

Shop now for Dyson appliances (affiliate link).
networkn
Networkn
32871 posts

Uber Geek
+1 received by user: 15463

ID Verified
Trusted
Lifetime subscriber

  #3450452 6-Jan-2026 20:08
Send private message quote this post

geek3001:

 

If that report is true, trust level for MMH = zero.

 

 

These credentials were almost certainly phished or through otherwise social engineering.  

 

We see smart people get phished on the regular, at least once a fortnight, despite these people being usually capable people. They are human, it takes but a moment of inattention, a lack of sleep, sick kid, fight with a spouse, and with AI tools able to generate incredibly realistic almost indistiguishable phishing emails now, it's not really a matter of IF you will get done, it's WHEN.   

 

I am surprised that data that sensitive didn't have active monitoring for suspicious activity, DLP, and other protections in place, though, in 30 years of IT, I've seen a lot of crazy stuff. 

 

As the MF said, speculation serves no purpose, accusations which are unfounded, causes unncessary anxiety and concern. No-one has control of this situation, so take whatever precautions you can to protect yourself, and wait to see what the investigation shows. 

 

 

networkn
Networkn
32871 posts

Uber Geek
+1 received by user: 15463

ID Verified
Trusted
Lifetime subscriber

  #3450453 6-Jan-2026 20:12
Send private message quote this post

alasta:

 

I think one of the key lessons from this incident is that any organisation holding large volume of personal data needs to have a comprehensive crisis management plan in place before a data breach occurs. It's becoming apparent that MMH haven't done this. 

 

 

This is the real answer. As I have mentioned already, with companies IT systems having so many surfaces to protect and secure, between phones, and computers, and laptops, and servers, and IOT devices, Copiers, cameras etc etc, and all manner of software, and people, it's nigh impossible to guarantee you won't get hacked.  If you have a connection to the internet, you are at risk and then there are the zero day bugs, for which there is really very little protection. You can do all the right things and still get nailed. 

 

It's a matter of what you do once you are. 

 

 

matthewperrin
22 posts

Geek
+1 received by user: 11


  #3450460 6-Jan-2026 21:02
Send private message quote this post

networkn:

 

These credentials were almost certainly phished or through otherwise social engineering.  

 

We see smart people get phished on the regular, at least once a fortnight, despite these people being usually capable people. They are human, it takes but a moment of inattention, a lack of sleep, sick kid, fight with a spouse, and with AI tools able to generate incredibly realistic almost indistiguishable phishing emails now, it's not really a matter of IF you will get done, it's WHEN.

 

 

Sure but it's also trivial to protect against phishing.

 

I fail to see what this company actually does, what is their product?

networkn
Networkn
32871 posts

Uber Geek
+1 received by user: 15463

ID Verified
Trusted
Lifetime subscriber

  #3450478 7-Jan-2026 00:21
Send private message quote this post

matthewperrin:

 

Sure but it's also trivial to protect against phishing.

 

I fail to see what this company actually does, what is their product?

 

 

What is 100% effective against Phishing and trivial? 

 

 

1 | ... | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | ... | 29
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright