Canopy Health has confirmed it experienced a significant cyber incident that was not disclosed to patients for approximately six months. The delayed notification has sparked strong reactions from affected individuals; many of whom say the breach has damaged their trust in healthcare providers and the systems responsible for safeguarding sensitive data.
The cyber incident was publicly acknowledged this week after an extended internal investigation. In a notice published on its website, Canopy Health stated that it detected
suspicious activity on July 18, 2025. The organization identified that an unknown actor had briefly gained unauthorized access to a portion of its internal administrative systems.
Following a forensic review carried out by external cybersecurity specialists, Canopy Health said it was advised that unauthorized access to one of its servers likely occurred and that some data may have been copied. The organization reported that the incident has been contained, although investigative efforts remain ongoing.
Patient Response to the Canopy Health Data Incident
According to Radio New Zealand, one affected patient who requested anonymity said she only became aware of the breach after receiving an email notification this week. She described the six-month delay in disclosure as unacceptable.
The patient had previously attended a Canopy Health clinic for mammography services under the government-funded BreastScreen Aotearoa program and had also used its diagnostic imaging services. She noted that the notification email stated there was no indication that credit card data, banking details, or identity documents were affected. However, she pointed out that this appeared inconsistent with information published on Canopy Health’s website, which acknowledged that attackers may have accessed a limited number of bank account numbers.
The individual, who also uses the Manage My Health platform, criticized both the data protection measures and the delayed communication. She stated that the lack of clarity and timeliness significantly reduced her confidence in healthcare data security.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
