"A New Zealand health-related entity has obtained a high court injunction prohibiting the sharing of any data stolen from Manage My Health, a patient portal that allows individuals to request prescription refills, download their medical records, arrange for medical services, and make appointments for video (telehealth) consultations. Will the injunction do any good? Probably not much. As Stuff reported, Health New Zealand and General Practice New Zealand (GPNZ) are coordinating a national response to the cybersecurity breach affecting MMH."
"An injunction is only as good as its scope and the compliance of people it targets. In this case, without the language of the injunction to clarify the scope, DataBreaches would guess that it will only apply to those covered by the New Zealand court's area of jurisdiction and would include media outlets who might be covering the breach. In DataBreaches' experience, when high courts issue such injunctions, they are served on the assumed attacker, as was the case when Qantas,"
Manage My Health, a patient portal used for prescription refills, record downloads, service arrangements, and telehealth appointments, experienced a cybersecurity breach affecting an estimated 6–7% of its 1.8 million registered users (about 108,000–126,000 people). Health New Zealand and General Practice New Zealand are coordinating a national response and affected patients will be notified, with MMH to confirm the notification timeline. MMH obtained a High Court injunction prohibiting sharing of data stolen in the incident, but no copy of the injunction has been published. The injunction likely covers only New Zealand jurisdiction and media, and the identified threat actor "Kazu" reports he has not been served.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]