Philippines health insurer hacked: What we know
/ Photo: © AFP
-
Forest to make late decision on Gibbs-White fitness for Villa Europa semi
-
Malian singer Rokia Traore gets suspended jail in Belgian custody case
-
Disney shares jump after results top expectations
-
Cruise ship passenger with hantavirus being treated in Zurich
-
Ryanair's O'Leary urges pre-flight morning booze ban
-
Ghana artist's billboard campaign takes aim at fast fashion fallout
-
Hopes rise for Iran deal as US halts guiding ships in Hormuz
-
Biogas helps cut bills, deforestation in east DR Congo
-
Protests as Venice Biennale opens in turmoil over Russian presence
-
Zelensky says Russia choosing war as dual ceasefires falter
-
Paris gets taste of Nigeria's Nollywood
-
Simeone, Atletico at crossroads after Arsenal Champions League KO
-
Indonesia eyes e-commerce ban for under-16s: minister to AFP
-
Three evacuated from hantavirus-hit cruise ship
-
US pauses guiding ships through Hormuz, cites Iran deal hopes
-
Venezuela to ICJ: Rights to oil-rich region 'inalienable'
-
Former Russian insider says fear pushed elites to embrace Putin war
-
Evacuations 'ongoing' from hantavirus-hit cruise ship
-
Oil tumbles and stocks rally on peace hopes, Samsung tops $1 trillion
-
Asia football fans sweat on broadcast rights as World Cup nears
-
US pauses Hormuz escorts, Trump says progress on Iran deal
-
Cambodian PM's cousin says owned 30% of scam-linked firm
-
Hegseth's church brings its Christian nationalism to Washington
-
Afrobeats' Tiwa Savage nurtures Africa's future talent
-
Venice Biennale opens in turmoil over Russian presence
-
Philips profits double in first quarter
-
Strasbourg on verge of European final amid fan displeasure at owners BlueCo
-
Tradition, Trump and tennis: Five things about Pope Leo
-
100 years on Earth: Iconic naturalist Attenborough marks century
-
Bondi Beach mass shooting accused faces 19 extra charges
-
Ukraine reports strike as Kyiv's ceasefire due to begin
-
Australia says 13 citizens linked to alleged IS members returning from Syria
-
Thunder overpower Lakers, Pistons down Cavs
-
Boycott-hit 70th Eurovision celebrated under high security
-
Court case challenges New Zealand's 'magical thinking' climate plans
-
Iran war jolts China's well-oiled manufacturing hub
-
Oil sinks and stocks rally on peace hopes, Samsung tops $1 trillion
-
Infantino defends World Cup ticket prices
-
Pistons hold off Cavs to win series-opener
-
Rubio rising? Duel with Vance for 2028 heats up
-
Teen shooter kills two at Brazil school
-
US pauses Hormuz escorts in bid for deal, as threats continue
-
Judge orders German car-ramming suspect to psychiatric hospital
-
Fresh UAE attacks blamed on Iran draw new reality in the Gulf
-
Global Sports Brand U.S. Polo Assn. Delivers Record $2.7 Billion in Retail Sales for 2025, Targets $4 Billion and 1,500 U.S. Polo Assn. Stores
-
Transoft Solutions Acquires CADaptor Solutions
-
Arsenal on cusp of history after reaching Champions League final
-
Trump says pausing Hormuz operation in push for Iran deal
-
Wembanyama accused of 'obvious' illegal blocking
-
Musk 'was going to hit me,' OpenAI executive says at trial
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
D.Schaer--VB
