MediMap Investigating Cyberattack

Key facts: medimap data breach

• Date reported: February 23, 2026.
• Unauthorized access identified: February 22, 2026.
• Target entity: medimap (medimap.co.nz).
• Source of breach: Unknown, unauthorized third-party (suspected credential theft).
• Data types: Patient demographic records; specifically involved unauthorized alterations such as incorrect deceased status, age changes, and name modifications.
• Status: Confirmed; platform placed in maintenance mode and reported to the Office of the Privacy Commissioner and New Zealand Police.
• Severity: High; involves unauthorized changes to sensitive medical records and impacts data integrity for patient care.

Start continuous breach monitoring with UpGuard.

What happened in the medimap data breach?

medimap (medimap.co.nz), a widely utilized medical platform in New Zealand, reported a significant cyber attack on February 23, 2026. No specific threat actor has been identified as responsible for the incident at this stage. Following the discovery of the breach, the organization's director confirmed that the platform was placed into maintenance mode to ensure patient safety and facilitate a comprehensive investigation by cybersecurity experts.

The incident involved unauthorized access and changes to patient demographic records, resulting in live patients being incorrectly labeled as deceased and their names being altered. This high-severity breach follows a previous security incident involving Manage My Health, which impacted over 120,000 users. The matter has been formally reported to the Office of the Privacy Commissioner and the New Zealand Police. Such incidents typically pose significant risks to data integrity and may lead to broader identity-related security threats.

Who is behind the incident?

The attacker or cause of the incident has not been identified.

Impact and risks for medimap customers

For patients and healthcare providers using medimap, the primary risks involve the potential loss of data integrity and significant service disruption. Unauthorized alterations to medical records, such as incorrect death status or name changes, could lead to clinical errors or confusion in patient care. There is also a plausible risk of identity theft or credential abuse if personal demographic information was accessed or exfiltrated by the unauthorized parties during the attack.

Typical outcomes of such breaches include long-term reputational damage and increased regulatory scrutiny. Affected individuals should monitor their medical records for inaccuracies, update their login credentials, and remain vigilant against potential phishing attempts. Maintaining transparency through public reporting and law enforcement involvement helps mitigate long-term security risks and aids in the recovery process.

How to protect against similar security incidents

Set up real-time alerts for dark web mentions.

Frequently Asked Questions

What happened in the medimap security breach?

On February 23, 2026, medimap (medimap.co.nz) disclosed a security breach. According to initial reports, the medical platform suffered a cyber attack that resulted in unauthorized changes to patient records, including live patients being incorrectly marked as deceased and demographic details being altered.

When did the medimap breach occur?

The medimap breach was publicly reported on February 23, 2026. The exact date of the attack has not been disclosed.

What data was exposed?

The breach involved patient demographic records. Most notably, the unauthorized access allowed attackers to make malicious alterations, such as changing patient names and incorrectly labeling live patients as deceased.

Is my personal information at risk?

If you interacted with medimap, there's a possibility your personal information could be affected. Similar incidents often involve demographic details, login credentials, or medical records. Stay alert for updates and take precautionary measures to secure your accounts and verify the accuracy of your medical data.

How can I protect myself after this data breach?

• Change your medimap and related account passwords immediately.
• Enable multi-factor authentication (MFA) wherever possible.
• Monitor your medical records and financial statements for unusual activity.
• Be cautious of unsolicited communications or phishing attempts.
• Use data breach monitoring tools to track your information on the dark web.
• Update passwords for any health portals that may share credentials with Medimap.
• Verify any "deceased" status labels if you experience issues with prescriptions or government health benefits.
• Contact your primary healthcare provider to verify that your medical record status and demographic details are accurate.

What steps should companies take after being impacted by this breach?

medimap has placed its systems in maintenance mode to protect patient safety and has engaged cybersecurity experts for an investigation. The company has reported the incident to the Office of the Privacy Commissioner and the NZ Police, and is expected to provide further guidance on protective actions for affected users.