Cybercriminals have become notorious, as the recent Manage My Health breach has proven. But is this breach one of the worst we’ve seen yet?
Recently, My Manage Health had alerted customers of a cybersecurity breach, with hackers (who called themselves “Kazu”) demanding a ransom of $60,000 within 48 hours – or it would leak personal data of 126,000 of its customers.
This breach has prompted a government review of the nation’s current security protections, while Manage My Health is working to obtain an injunction for the public use of patient information. The company is also currently notifying those affected.
How Prepared Are We Against a Cyber Incident?
According to the National Cyber Security Centre (NCSC)'s latest Cyber Threat Report, cybercrime has become commercialised, with a shift to ransomware-as-a-service. Hackers can now ‘rent’ effective attack tools and can easily specialise in different elements of the attack.
Meanwhile, new technologies such as AI are accelerating these attacks. Cybercriminals are responsible for most of the incidents reported to the NCSC, and many of those who pay the ransom do not get their data back or their systems unlocked. Oftentimes, these victims are extorted further.
More than 40% of NCSC incidents in 2024/25 were related to criminal or financial motivations, and about 25 per cent were suspicious of state-sponsored actors.
So how did the Manage My Health breach relate to other attacks in our history?
An Investigation of Past Cyber Attacks
Waikato DHB (2021)
In May 2021, a ransomware attack shut down Waikato DHB’s core systems across five hospitals. Six weeks later, personal data belonging to more than 4,000 patients and staff was leaked on the dark web. Recovery took months, but post-incident reports found that software vulnerabilities were not a factor leading to the incident.
Tonga Health System (2025)
In June 2025, Tonga’s national health system was taken offline for nearly a month following a ransomware attack demanding US$1 million. The ransom was not paid, and Tonga relied on international assistance, including support from Australia, to restore systems. Patients were also asked to bring handwritten medical notes while services were gradually reinstated.
WannaCry (2017)
The WannaCry ransomware attack happened in May 2017, affecting over 300,000 computers across more than 150 countries. The attack was widespread and prevented people from accessing their files. Hackers demanded US$300 per affected machine, and reports indicate that those who paid were not given access to their documents.
Qantas (2025)
In mid-2025, a cyberattack exposed data from 5.7 million Qantas customers. Stolen information included names, email addresses and frequent flyer details. Fortunately, no financial or passport data was accessed.
Nissan (2024)
In March 2024, Nissan’s Australian and New Zealand operations were affected by a cyber breach impacting around 100,000 customers. Sensitive identity documents, including driver licences and passports, were compromised.
Latitude Financial (2023)
Latitude Financial disclosed a major cyber breach in March 2023, initially believed to affect 330,000 individuals. Further investigations revealed that over 14 million documents had been compromised. The breach included driver licence numbers, bank account details and passport information across Australia and New Zealand.
Mercury IT (2022)
A cyber-attack on third-party provider Mercury IT affected to sensitive records held by Health NZ and the Ministry of Justice. Thousands of coronial, post-mortem and medical records were affected.
Squirrel (2024)
In 2024, mortgage and investment firm Squirrel suffered a breach through a third-party investor onboarding platform. The attack exposed approximately 600 investors’ names, dates of birth and ID numbers.
AA Traveller (2022)
AA Traveller disclosed that customer data had been stolen from its website, affecting hundreds of thousands of users over a 15-year period. Exposed data included names, contact details and expired credit card numbers.
NZ Parliament Hack (2021)
In 2021, New Zealand’s Parliamentary Service and Parliamentary Counsel Office were targeted by alleged state-sponsored hackers. The incident was later publicly attributed to China, an allegation strongly denied by the Chinese embassy.
NZX DDoS Attacks (2020)
The New Zealand Stock Exchange was hit by repeated DDoS attacks in August 2020, which overwhelmed public-facing systems and halted trading. Services were disrupted for nearly a week, with trading intermittently halted for four days in a row.
CrowdStrike (2024)
Who could forget the major CrowdStrike security update that caused a global IT outage in 2024? The meltdown was labelled as an unintentional glitch that affected systems running Microsoft Windows. Airlines, healthcare providers and financial services worldwide experienced disruptions.
Key Takeaway
Cybercrime is among the most prominent risks facing businesses today, and it can happen for reasons beyond our control. As we move into a more AI-focused environment and more personal data is handled online, it’s important for businesses to take a proactive stance against these threats.
Bonded NZ helps business owners remain efficient with cyber threats through comprehensive and tailored business insurance. If you’re looking to protect yourself and your business, we have a range of products suitable for your needs.
For more information about our insurance coverage, contact our team today.
