networkn:
They likely have got those credentials via Phishing or some other social engineering.
Or they're one of the 2M people with an MMH account.
It looks like they’ve paid the ransom. The breach is now gone from their Telegram and Website…
Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)
Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.
michaelmurfy:
It looks like they’ve paid the ransom. The breach is now gone from their Telegram and Website…
So what next? Everyone just goes silent and pretends it never happened? I have a lot of questions and I don't know where to ask them.
Plesse igmore amd axxept applogies in adbance fir anu typos
I have a dr appointment next week, I will be insisting they remove all my information from MMH and remove my account.
I never used the app after the first times I tried to renew scripts and it never worked properly.
I just email those in now, so no need for MMH to exist for me.
ADD: and the compromised users still need to know who they are, just in case something has gotten out into the wild.
Delete cookies?! Are you insane?!
matthewperrin:
Good! Extremely happy to hear it!
Maybe the complexity was them figuring out how to use Signal 🤣
"I kept records from a while ago poking around this exact feature of the website and toying around with it because I noticed odd behaviour especially with how it was renaming files."
Maybe if you'd pursued your earlier concerns with MMH this could have been closed off then.
matthewperrin:
Good! Extremely happy to hear it!
Maybe the complexity was them figuring out how to use Signal 🤣
Erm… not sure if you’re being sarcastic or not.
This is not a good thing for 3 reasons:
1) Breach of sanctions / Anti Money Laundering.
2) Paints a target on Manage My Health as a company who pays, meaning they’re likely going to get targeted again.
3) Paints a target on NZ Health / other NZ businesses as a country that pays.
Michael Murphy | https://murfy.nz
michaelmurfy:
It looks like they’ve paid the ransom. The breach is now gone from their Telegram and Website…
I was actually hoping that the authorities might have tracked down the culprit and dealt with matters.
However if the ransom has really been paid, we will look forward to confirmation.
We do not want to hear that the culprit received a better offer.
I hate to say it, unless we get an absolute assurance that the leak has been fully contained, we may have to face the reality that the data is still out there.
So the counterpoint to reasons to pay ransom (and why fundamentally I am against paying, but still understand why people do).
1) If you pay, the chances are the issue (sometimes temporarily) goes away. The bad actor community takes this all pretty seriously and has acted against their own when ransom paid != data removed/restored. It's a high trust model and everything falls over once you put doubt in people's minds as to whether you get your data back if you don't pay.
2) Companies that pay have staff, suppliers and other financial responsibilities. If your company goes away by not paying, then you are putting all those others in real genuine harm's way.
3) The harm to consumers in this particular instance was fairly immeasurable. Paying has (likely) prevented this instance of that.
I understand the arguments against paying, and I agree with those too, but I think it's more complicated than it seems at first glance. Whilst Health NZ can say it won't pay, that's fine, but MMH is a private company.
The best case scenario here is that MMH has learned a valuable lesson and has gotten reputable IT assistance to ensure their systems are not just safe from this breach, but are undertaking a full review and completing recommended actions to get secure. The saying 'the safest plane to be on is the one that just had a technical fault'.
I am not defending MMH per se, but often these situations aren't what they look like from the outside. Having been involved in Incident Response for a good many years, these are wildly stressful situations, and quite frankly I wouldn't wish it on my worst enemy.
networkn:
I am not defending MMH per se, but often these situations aren't what they look like from the outside. Having been involved in Incident Response for a good many years, these are wildly stressful situations, and quite frankly I wouldn't wish it on my worst enemy.
Yup, I'm dreading the day when I get the 3am page........
XPD / Gavin
xpd:
Once on the internet, always on the internet.
Amen to that.
xpd:
Yup, I'm dreading the day when I get the 3am page........
Make your 2026 New Year's Resolution to make a DR plan to cover you, so you don't need to worry about not thinking clearly in a crisis. Put the numbers of all the important people somewhere offline, along with your insurance policy numbers. AI is actually really good for helping with this, and because of that, there is no excuse for people to not have a plan in 2026.
Assume the worst case will eventuate, and you'll have access to none of your digital resources, and work backwards from there.
Involve your stakeholders if you can. Make sure that the plan is ALSO offline (I have seen this before!) and that the top 3 people in your firm can get to it.
The plan should be straightforward enough that if you aren't available, someone non-technical can still provide the people who will be helping with what they need.
@networkn agreed, but the general rule is don’t pay. This breach was pretty small but now they’ve painted a target on NZ (and especially NZ Health) which could mean the next breach could be bigger and cause more harm to individuals.
Michael Murphy | https://murfy.nz