New Zealand's healthcare system, meanwhile, finds itself in the middle of a major cyberattack that is more severe than any yet experienced: this is no longer simply stealing data but actively tampering with it. On February 22, 2026, MediMap, a digital medication management software provider, was attacked leading to a "terrifying" scenario where human actors accessed and altered live patient data.
This incident occurred just two months after the huge Manage My Health data leak. It has sent shockwaves through the Ministry of Health and has triggered an immediate "Code Red" response from Te Whatu Ora, a health institution.
The Event: More Than Data Theft
In contrast to traditional ransomware attacks in which patients’ data is stolen and held for ransom, the MediMap breach involved the deliberate modification of patient information. Hackers got onto the system and started changing residents’ status and clinical notes, the hospital said, both inside and out on February 24, 2026. Most alarming manipulations discovered include:
- Status Falsification: Several living patients were falsely labeled as "Deceased" within the system.
- Medication Records: Concerns have been raised that the patient could be falsified with drug records for example with regards to dosage instructions or prescription history.
- Identity Information: names, dates of birth, and prescriber details are being altered in a way that is illicit.
Implications for Vulnerable Populations
MediMap is an important resource for coordinating medicine levels between clinics and pharmacies and is most commonly used in aged care, hospices, and disability services. For e-prescription and medication tracking, the modification of these records presents a direct risk to patient safety, since the system also serves with the platform.
As a direct result of the breach, MediMap has been fully taken offline on Sunday afternoon to prevent further tampering. This obliged healthcare providers across the country to go back again on paper-based manual methods. One hospice representative said they had to double the number of registered nurses at a time just to handle the “second-checker“ requirements of manual medication administration.
The Manage My Health Breach Comparison
This assault also closely mirrors the release announced in late December 2025 of the Manage My Health (MMH) breach, which compromised more than 125,000 New Zealanders. Whereas the MMH breach led to the exfiltration of 400,000 documents by a hacking group named “Kazu,” the MediMap attack is perceived as “clinically dangerous” because of the corruption of actively occurring medical data.
Reaction in Government and in Regulatory Community
The Cyber Incident Management Team of Health New Zealand is to be activated to help the recovery process. Prime Minister Christopher Luxon and Health Minister Simeon Brown have raised alarm, saying private companies that are providing health data should be held to “the highest possible standards.”
The Office of the Privacy Commissioner on MediMap and the National Cyber Security Centre (NCSC) are actively doing a forensic audit of its systems. Authorities have warned that, if medication records were successfully changed without detection, the potential for “accidental overdose or medical negligence” remains a matter of paramount concern in the weeks ahead.
What Should Patients Do?
If you or a family member are in a facility utilizing MediMap:
- Verify Status: Check that you're "Active/Resident" manually at their place.
- Cross-Check Medication: As a member of the family of an aged care resident, request a manual check of the current medication chart with previous and hard-copy records.
- Report Any Discrepancies: Contact Health New Zealand to check if there are any unusual communications or mistakes with medical billing being made.
