A major health crisis unfolds in New Zealand as the popular medical app, MediMap, falls victim to a malicious hack, compromising sensitive patient data. But here's the shocking part: some records were altered to mark patients as deceased! This breach has forced a temporary shutdown, leaving healthcare providers scrambling to ensure patient safety.
MediMap, a trusted tool for accurately recording medication doses, is widely used in aged care, disability care, hospices, and community settings. It facilitates seamless coordination between clinics, patients, and pharmacies, enabling e-prescriptions and providing easy access to medication histories.
The hack was first detected around 1:30 pm on Sunday, prompting an immediate investigation. MediMap's website notified users that the platform would remain offline while assessing the extent of the damage. The company confirmed unauthorized access, exposing names, dates of birth, prescribers, care locations, and resident statuses.
In a swift response, MediMap's director, Geoffrey Sayer, assured that they had engaged external cyber experts and prioritized patient safety by placing the platform in maintenance mode. He stated, "Our immediate focus is on assisting facilities in maintaining continuity of care, followed by remediation and secure restoration." As a temporary measure, healthcare providers have reverted to manual processes to ensure patients receive the necessary care.
The breach has sparked widespread concern, with the Aged Care Association estimating that up to 60% of aged care facilities rely on MediMap. The Nurses Organisation revealed that aged care sites in Christchurch were affected, leading to a precautionary shutdown that doubled the workload for registered nurses and raised fears for patient safety.
Prime Minister Christopher Luxon acknowledged the breach, emphasizing the need for stronger cybersecurity laws. Associate Health Minister David Seymour echoed this sentiment, stating that the hack highlights the critical importance of cybersecurity, especially as New Zealand strives to catch up with global standards.
This incident follows closely on the heels of another significant privacy breach involving the patient portal Manage My Health, where a hacker group demanded a ransom for stolen data. The recent breaches underscore the urgent need for enhanced cybersecurity measures in New Zealand's healthcare sector.
The question remains: Are New Zealand's healthcare systems adequately prepared for the evolving cyber threats?
