MediMap 2026 Health App Patient Record Tampering

MediMap, a digital medical records platform serving New Zealand healthcare providers in aged care, disability, hospice, and community settings, experienced a breach resulting in patient record tampering. The incident forced the company to take its systems offline after unauthorized modifications were made to patient data, including altering patient status to deceased and changing personal information. The breach impacted medication dose recording systems used by multiple healthcare providers, compromising the integrity of critical medical documentation.

The attack involved unauthorized access to the MediMap platform, enabling threat actors to modify patient records within the system. Attackers altered patient information fields, including changing patient names to fabricated entries like 'Charlie Kirk' and incorrectly marking living patients as deceased. The compromised data included sensitive medication administration records, patient status indicators, and personal health information used for accurate medication dosing across multiple care settings.

Following the breach detection, MediMap took its systems completely offline to contain the incident and prevent further unauthorized modifications. Healthcare providers relying on the platform for medication management were forced to implement alternative recording methods while the investigation and remediation efforts proceeded.