Massive health data breach leaves 400,000 patients exposed to blackmail
A major data breach at Manage My Health has exposed the private health records of around 400,000 patients. The company’s chief executive, Vino Ramayah, called the incident a crime against the business itself, with his own health insurance files among those stolen. Hackers are now demanding a US$60,000 ransom to prevent the release of sensitive health documents.
The breach, carried out by the group known as 'Kazu', affected roughly 6-7% of the 1.8 million users on the health insurance marketplace. Among the compromised files are highly personal health records, including those of a sexual assault survivor who fears her private trauma could be exposed. She has not shared details of her assault with some close individuals, making the potential leak even more distressing. The woman described feeling re-victimised, with a return of post-traumatic stress symptoms since learning of the breach.
Manage My Health has yet to notify affected patients about the incident. The company issued an apology, admitting it could have handled communication better. Meanwhile, online safety advocate Netsafe has urged people to be wary of suspicious emails containing private health information, especially if they appear threatening or demand a response.
The hackers have set a deadline of Friday morning for the ransom payment. If unpaid, they threaten to publish over 400,000 stolen health documents. The sexual assault victim has demanded that Manage My Health inform individuals about exactly what health data was taken, allowing them to take protective steps.
The breach has left thousands of patients vulnerable, with private medical details at risk of exposure. Manage My Health faces pressure to improve communication and address the fallout, while victims await clarity on what personal health information may be released. The company must now decide how to respond to the ransom demand before the hackers’ deadline.
