Health New Zealand says the breach of the ManageMyHealth app, used widely by GPs to organise patient data, has not affected its systems.
The country’s largest patient information portal, ManageMyHealth, confirmed on Wednesday it had identified a cyber security incident involving “unauthorised access” toits platform.
Roughly 1.8 million people are registered on the ManageMyHealth portal. The company said between 6% and 7% may be affected.
A cyber crime group claiming to have the data was demanding a $60,000 ransom by January 15.
Jason Power, Health New Zealand acting national director of planning, funding and outcomes, today said Health NZ was working closely with ManageMyHealth “and a range of government agencies to ensure all appropriate steps are being taken to manage a cyber security breach involving patient information.
The breach involved unauthorised access, affecting up to 7% of 1.8 million registered users. Photo / Dean Purcell
Power said the app was a “privately operated patient portal used by some primary care providers and is responsible for managing and securing its systems”.
“Health NZ takes any issue involving patient information very seriously and has activated its own incident management team. We are working with relevant agencies, including the National Cyber Security Centre and the Police Cyber Crime Unit, to ensure the situation is being managed appropriately.
“We are also utilising independent cyber specialist capability to provide further assurance that the vulnerabilities that led to the breach have been addressed.”
He said Health NZ would monitor progress closely, and was speaking with GP practices and others who use the app.
“There has been no impact on Health NZ systems.”
Earlier today, Health Minister Simeon Brown described the breach as concerning, but said it had no clinical impact on patient care.
“This is a concerning breach of patient data and Health NZ is working closely with ManageMyHealth to ensure it is being appropriately addressed,” he said.
