ManageMyHealth New Zealand Hit by Kazu Ransomware Attack as Healthcare Sector Faces Rising Cyber Risk in 2025

ManageMyHealth, a New Zealand based digital health platform, has fallen victim to a ransomware attack attributed to the Kazu cybercrime group, highlighting the continued targeting of healthcare related services as 2025 begins. The breach was identified on December 30, 2025, and adds to growing concern over the resilience of organisations handling sensitive medical and personal data.

The incident underscores how healthcare platforms remain attractive targets for ransomware operators due to the critical nature of their services and the sensitivity of the information they manage.

Discovery of the ransomware attack

The attack against ManageMyHealth was discovered in the early hours of December 30, 2025. Initial indicators suggested that systems had been encrypted, consistent with ransomware activity, prompting an investigation into the scope and impact of the compromise.

While full technical details have not yet been made public, the timing and characteristics of the incident align with recent ransomware campaigns targeting healthcare and patient facing digital platforms.

Attribution to the Kazu ransomware group

The attack has been linked to the Kazu ransomware group, a threat actor associated with data encryption and extortion operations. Like many modern ransomware groups, Kazu is believed to employ a double extortion strategy, encrypting systems while also threatening to leak stolen data to pressure victims.

Such tactics increase the impact of attacks on healthcare organisations, where data confidentiality is critical and regulatory consequences can be severe.

Potential impact on healthcare services

Digital health platforms such as ManageMyHealth play a key role in patient access to medical information, appointment management, and communication with healthcare providers. Disruption caused by ransomware can affect service availability and erode trust, even if core clinical systems remain operational.

In incidents involving healthcare data, concerns extend beyond downtime to the potential exposure of sensitive personal and medical information.

Ransomware trends in the healthcare sector

The ManageMyHealth incident reflects a broader trend of ransomware activity targeting healthcare and health technology providers. Attackers continue to prioritise organisations where operational disruption carries high stakes and rapid recovery is essential.

As healthcare services become more digitally integrated, the attack surface expands, increasing the importance of robust cybersecurity governance.

Response and ongoing investigation

At the time of reporting, investigations into the ManageMyHealth breach are ongoing. Further details are expected to clarify whether data exfiltration occurred, the extent of system encryption, and what remediation steps are being taken.

As with many ransomware incidents, organisations are typically advised to engage incident response specialists, notify relevant authorities, and assess regulatory obligations related to data protection.

Why proactive cybersecurity matters

Incidents such as this highlight the limitations of reactive security approaches. Ransomware attacks often exploit human error, credential compromise, or unpatched systems, making early detection and prevention critical.

Healthcare organisations in particular face heightened risk due to the value of their data and the essential nature of their services.

Reducing exposure to ransomware attacks

Security experts consistently recommend a layered defence strategy to reduce ransomware risk. This includes testing employee readiness against phishing attacks, improving cybersecurity awareness, monitoring for signs of data leakage, and deploying tools that can detect and respond to threats before they escalate.

Proactive security measures can significantly reduce the likelihood that an initial intrusion turns into a full scale ransomware incident.

Looking ahead

The ManageMyHealth ransomware attack serves as an early reminder that cyber threats will remain persistent throughout 2025, particularly for organisations operating critical digital services. As investigations continue, the incident is likely to inform future discussions around healthcare cybersecurity preparedness in New Zealand and beyond.

For organisations handling sensitive user data, the lesson is clear. Investing in prevention, detection, and user awareness is increasingly essential to avoid becoming the next ransomware headline.