Seek My Health

Health Marketplace

Beating the Blues

Support
Sign in
Sign in

FAQs related to Cyber Breach

Find the answers to the most frequently asked questions related to the recent Cyber Breach. 

1. What happened to Manage My Health in the cyber security incident?
We recently identified a cyber security incident involving unauthorised access to the Manage My Health platform in New Zealand. We believe the incident has been contained, and we have engaged independent international forensic consultants to further verify the solution we have put in place and determine the extent of the data which is affected.
Yes. The unauthorised access has been contained, and the platform remains operational, and we continue to monitor our systems closely.
We are identifying affected users now, and we believe that a total of 6 – 7 per cent of users are affected. If your information was involved, we will contact you directly with confirmation and next steps.
Our immediate priority is safeguarding the integrity and security of our systems. We are working with independent cyber security specialists, the Privacy Commissioner, the New Zealand Police and Health New Zealand to coordinate our response. We have implemented additional monitoring and security improvements.
No. ‘Accessed’ means an unauthorised party may have viewed or opened files. ‘Downloaded’ means files were copied out of the environment. Independent forensics are being used to confirm what was accessed and what may have been downloaded.
Because accuracy matters. We will not speculate about what was accessed or by whom. Our priority is to confirm what happened, protect data, and provide affected people with information that is correct.
As soon as we became aware of unauthorised access, our immediate priority was to secure the Manage My Health platform and protect patient data. At the same time, we began investigating what had occurred, working with independent cyber security and forensic specialists.
We understand the frustration this causes. Our communications sequence prioritises containment and verified identification of affected users, alongside public updates.
Yes. We are working alongside the Privacy Commission to co-ordinate our response (Privacy Commissioner) and ensure the safety of user data.

It is best practice to regularly update your password. To ensure your online security, we strongly recommend you read the guidelines provided by the Own Your Online website https://www.ownyouronline.govt.nz/personal/get-protected/
Manage My Health users can enable Mutli-Factor Authentication (MFA) using a supported authenticator app, providing an additional layer of account security.
Supported Authenticator Apps
• Google Authenticator
• Microsoft Authenticator
Here is the link on instructions to enable the two-factor authentication (you need to be logged in to access the link) – https://app.managemyhealth.co.nz/myaccount/two-step-verification

We will not ask for your password. We will not ask you to share one-time codes. Be cautious of urgent messages or links you were not expecting. If you are unsure, do not click.

We are still investigating what information may have been accessed. In general, personal information can sometimes be misused for identity theft or scams. If we confirm that your information was affected, we will notify you directly. As a precaution, we recommend following online safety best practices. You can find helpful guidance on how to protect yourself at the New Zealand Government’s Own Your Online website: https://www.ownyouronline.govt.nz/personal/get-protected/

Scroll to Top
Sign in
Menu

Support