Philippines health insurer hacked: What we know
/ Photo: © AFP
-
Trump threatens prison for damage to Washington Reflecting Pool
-
France-Iraq World Cup game restarts after two-hour storm delay
-
Shortages ease in Bolivia as protest roadblocks dismantled
-
World Cup exploits of Maradona and Messi have Argentina fans in raptures
-
England 'can beat any opponent' at World Cup, says Rice
-
'Boston Tea Party' compensation claim to be displayed at UK exhibit
-
Alvarez says 'best for everyone' if he leaves Atletico
-
France-Iraq World Cup game suspended due to severe weather alert
-
Romanian parliament rejects liberal PM-designate
-
US temporarily suspends Iran oil sanctions, says nuclear inspectors to return
-
Maduro ouster put Venezuela on 'the right path': interim leader
-
Missed penalty spurred 'very angry' Messi to World Cup history
-
Shooting in Montreal, Canada leaves three dead including suspect
-
Oil falls as US waives Iranian sanctions and Nasdaq tumbles
-
Balogun chases 'inevitable' Messi in wild Golden Boot race
-
Defeated Colombian leftist calls for calm after post-vote violence
-
Belgium's Doku becomes father after World Cup controversy
-
Messi sets World Cup scoring record as Argentina down Austria
-
Magic Messi makes World Cup history to send Argentina into last 32
-
French TV presenter stood down over Doku World Cup comments
-
Ghana coach Queiroz says playing England 'easiest' World Cup game
-
Messi sets World Cup scoring record with 17th goal
-
Former Bayern stalwart Demichelis takes over at RB Leipzig
-
Colombian leftist candidate calls for calm after post-vote violence
-
Andy Burnham: 'King of the North' with Downing Street in his sights
-
Britons cautiously optimistic after PM's resignation
-
Latest developments in Europe's heatwave
-
Draper makes winning return at Eastbourne with Murray on his side
-
IMF director says Iran war fallout creating 'difficult moment' for Africa
-
Argentina fans defiant, 40 years on from Maradona's 'Hand of God'
-
Hormuz: Traffic flows despite Iran's closure announcement
-
Wikipedia won't let AI edit articles, cofounder says
-
Clive Davis: the starmaker who shaped modern music
-
Uncapped Coles named in England's T20 squad to face India
-
Qatar gas plant blast kills 13, injures dozens
-
Andy Burnham: 'King of the North' eyes Downing Street throne
-
Oil falls as US waives Iranian crude sanctions
-
Dangerous 'heat stress' has surged worldwide, study shows
-
England captain Itoje rested for Nations Championship
-
Interstellar comet likely far older than Solar System: astronomers
-
Antoine Semenyo, Ghana's man on the inside and England threat
-
Man Utd secure land for proposed new 100,000-capacity stadium
-
Two children found dead in car as France faces hottest day of heatwave
-
US suspends Iran oil sanctions, says nuclear inspectors to return
-
Two children die in France as heatwave blasts Europe
-
Stokes and Atkinson cleared by Cricket Regulator after nightclub incident
-
Ex-Wimbledon champion Vondrousova banned four years for refusing drugs test
-
Veteran Le Roy named new coach of Congo
-
Milan-Cortina chief Malago elected new head of Italian FA
-
Germany's Schlotterbeck out of World Cup with ankle injury
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
D.Schaer--VB
