this post was submitted on 24 Feb 2026

33 points (100.0% liked)

Aotearoa / New Zealand

2120 readers

51 users here now

Kia ora and welcome to !newzealand, a place to share and discuss anything about Aotearoa in general

For politics , please use !politics@lemmy.nz
Shitposts, circlejerks, memes, and non-NZ topics belong in !offtopic@lemmy.nz
If you need help using Lemmy.nz, go to !support@lemmy.nz
NZ regional and special interest communities

Rules:

Don't be a dick

FAQ ~ NZ Community List ~ Join Matrix chatroom

Banner image by Bernard Spragg

Got an idea for next month's banner?

founded 2 years ago

MODERATORS

RaoulDuke@lemmy.nz

33

Another fucking health app hack (www.rnz.co.nz)

submitted 4 hours ago by phtheven@lemmy.world to c/newzealand@lemmy.nz

7 comments fedilink hide all child comments

The Privacy Commissioners Office has been calling for proper fines for data breaches for YEARS.

Not a single muppet in the beehive has even given it a thought, from what i can tell.

The current maximum penalty is $10000.

Australia has their maximum penalty set to $50 million.

top 7 comments

sorted by: hot top controversial new old

[–] FistingEnthusiast@lemmy.world 4 points 3 hours ago

It's shit, but I appreciate the humour of them changing names to Kirk and saying that they're dead

The world is better off without that hateful, grifting oxygen-thief

[–] FiniteBanjo@feddit.online 2 points 4 hours ago (3 children)

I'm in this weird position where I've never been a part of a Data Breach in part because I don't install or use any unnecessary Apps. I don't use them. Apps are not secure and that adds insecurity to entire devices.

It would take an equifax level data breach to release my information.

[–] andronicus@lemmy.world 2 points 2 hours ago (1 children)

That is certainly a take, but an app is just one attack surface for interacting with a service, and is not inherently secure or insecure; who you trust with your data is the far more relevant part here.

And that also doesn't matter when you are forced to interact with a government service or essential utilities provider who then subsequently puts your data into the hands of the same high profit, low value shitware companies that have these agencies/organisations locked-in. What are you going to do then? Move to the woods?

No, it won't stop until there is real accountability with teeth. Punish these fuckers for their incompetence with actual jail time for directors, otherwise fines are just the cost of doing business.

[–] FiniteBanjo@feddit.online 0 points 1 hour ago* (last edited 1 hour ago)

In the majority of cases the Apps are built or mainained by third parties who now additionally have access to your personal information, such was the case with a recent Railway travel app in Europe that revealed customers info and even Passport copies.

That is, among other things, why it is inherently a vulnerability.

In my area government services, medical processing, and utility companies can be managed either via website, phone, or in person. There has been a push lately for apps but I never sign off on any such disclosures and never use such apps. I would sue long before I considered it.

You comment reeks of nihilistic defeatism.

[–] phtheven@lemmy.world 3 points 3 hours ago (1 children)

Yeah mate i think it's fairly likely that many of us on here don't go around installing bullshit apps. I haven't been affected either.

The previous hack (manage my health) was not an app that people installed on their phones, it was a health management portal that patients were signed up to when they enrolled to clinics and practices that made use of that platform. These health providers used this as a database to store the medical information for all their patients. Molemaps, xrays, doctors notes, everything was uploaded, not by patients, but by their medical care providers.

If you're enrolled at a gp it's likely that your data is sitting in a similar system. MyIndici is an example I'm aware of, although it hasn't been hacked to my knowledge.

The concern doesn't stop with health apps either. Any third party data portal/platform is theoretically at risk, and kiwi companies love outsourcing risk to these private corps. Imagine the fallout from a RealMe hack, for example? It's no less likely at this point, and because of the lackluster regulation around these data platforms, they have no real incentive to beef up security. That's the issue here.

[–] FiniteBanjo@feddit.online 0 points 3 hours ago* (last edited 3 hours ago)

I think it's worth pointing out that the vast majority of the public lack the basic ability to protect themselves from vulnerabilities and are apathetic to the dangers of the act of installing random apps to personal devices, even those associated with legitimate institutions and services.

As for potential solutions, obviously legislative solutions are the way to go and would take much of the pressure off of citizens.

[–] FistingEnthusiast@lemmy.world 2 points 3 hours ago

Good for you.

Meanwhile, plenty of people have been affected

Do you feel better about contributing nothing?