Global Shadow Behind Local Crisis: Who is ‘Kazu,’ the Prolific Ransomware Actor Targeting Manage My Health?
By Lions Roar News Cyber Security Desk
AUCKLAND, NEW ZEALAND (January 7, 2026) — As New Zealand grapples with the fallout of the massive Manage My Health data breach, investigators are turning their focus to the shadowy entity behind the attack: a hacker or group known as ‘Kazu.’
The breach, which has compromised the medical records of over 120,000 New Zealanders, is not an isolated incident. Research reveals that Kazu has spent the past year executing a string of high-profile cyber-raids on government and medical institutions across the globe.
🕵️ Who is Kazu? A Trail of Digital Destruction
While it remains unclear if Kazu is a lone individual or an organized syndicate, their digital footprint over the last year is staggering. According to forensic reports, the entity has a track record of targeting critical infrastructure in developing and developed nations alike.
Key Previous Targets (2025):
- Nepal: Stole 1.4TB of data from the Ministry of Education and targeted the Nepali police, leaking photos and passports.
- USA: Targeted the Doctor Alliance in Dallas, Texas, stealing 1.24 million files and demanding a $US200,000 ransom.
- South and Central America: Claimed attacks on the Colombian Ombudsman, the Bolivian Navy, and institutions in Argentina and Mexico.
- Middle East: Targeted the Kuwait Ministry of Public Works and entities in Saudi Arabia.
📉 The Manage My Health Status: A Shift in Tactics?
The attack on Manage My Health began on New Year’s Eve, with the group demanding $US60,000 for the return of hundreds of thousands of files.
- The Deadline: While the initial payment window expired Tuesday, unverified reports suggest a new deadline has been set for 5:00 AM this Friday.
- Content Takedown: In a curious turn, Kazu removed all posts related to the Manage My Health hack from their messaging channels on Wednesday morning. This follows a High Court injunction granted in New Zealand that prohibits anyone from accessing or sharing the stolen data.
- Political Leanings: On January 6, the Kazu account posted “Free Nicolás Maduro !!!!!,” referencing the recent U.S. capture of the Venezuelan President. Some deleted posts claimed the author was operating out of Cuba.
🚫 The Official Stand: “Do Not Pay”
The New Zealand Government, through the Department of the Prime Minister and Cabinet, has issued a stern warning against engaging with the hackers.
- No Guarantees: Paying a ransom does not guarantee data return or the removal of malware.
- Incentivizing Crime: Payments provide a financial incentive for hackers to target the same organization again.
- Legal Risk: The government warned that paying groups in sanctioned states could violate the Russia Sanctions Act 2022 or the United Nations Act 1946.
- Penalties for individuals: Up to 7 years in prison and a $100,000 fine.
- Penalties for organizations: Fines up to $1 million.
