Philippines health insurer hacked: What we know
/ Photo: © AFP
-
Costa Rica closes Havana embassy, tells Cuba to withdraw diplomats
-
NY's New Museum returns contemporary to heart of Manhattan
-
Cesar Chavez, icon of US labor movement, accused of serial sex abuse: report
-
Barcelona demolish Newcastle 7-2 to reach Champions League quarters
-
US Fed raises inflation outlook over 'uncertain' Iran war impact
-
Trump nominee for Homeland Security chief grilled at fiery Senate hearing
-
First international aid convoy arrives in crisis-hit Cuba
-
Eight killed during Rio police operation, including drug kingpin
-
Iran suffers new blow as Israel kills intel chief
-
Slovakia curbs diesel sales, ups prices for foreigners
-
Oscar-winner Sean Penn meets troops in frontline Ukraine
-
Thousands rally in Istanbul to mark year since mayor's arrest
-
WNBA, players union agree 'transformative' labor deal: official
-
US Fed holds rates unchanged over 'uncertain' Iran war implications
-
Senegal govt calls for investigation into Cup of Nations decision
-
From Faraja to Sepah: Iran's multiple security forces
-
Billionaire Dyson buys 50 percent stake in Bath rugby
-
Senegal demands 'corruption' probe over AFCON decision as Morocco defend appeal
-
The platypus is even weirder than thought, scientists discover
-
PSG's Barcola ruled out for several weeks with ankle injury
-
Colombia detains suspect in 2023 killing of Ecuador politician
-
Iran condemned as UN maritime body holds emergency talks on Mideast shipping
-
Iraqi Kurdish shepherds stoic in face of yet another war
-
Iran women's football team return after asylum tussle
-
US launches new era of drug war with Latin American allies
-
How many cargo ships are passing Hormuz strait?
-
'Free France': Macron reveals name of Europe's largest warship
-
Oil surges as Iran gas facilities hit, stocks slide
-
Foreign press group slams Israeli police for breaking journalist's wrist
-
Aston Villa want to be more than 'maybe team' in Europa League quest
-
McIlroy happy with back injury recovery as Masters looms
-
Vinicius 'should be loved by everyone' says Donnarumma after celebration row
-
Iran was not rebuilding nuclear enrichment, US intelligence finds
-
Carrick urges England boss Tuchel to call up United trio
-
Three sporting champions to be stripped of titles for non-doping reasons
-
Chilean GDP beats 2025 forecast despite mining dip
-
Storms, warm seas drove sudden drop in Antarctic ice: study
-
Aston Villa want to be more than a 'maybe team' in quest for Europa League
-
Trump administration takes steps to curb energy cost hikes
-
Vaccines facing misinformation spike: WHO experts
-
'Happened so fast': UK students panicked by meningitis outbreak
-
WNBA, players union agree 'transformative' labor deal: reports
-
Global music market grows, calls for AI compensation: industry body
-
Maiduguri bombings follow surge of jihadist violence in Nigeria
-
Belgian court suspends TotalEnergies climate trial
-
Troubled waters: Thai fishermen marooned by rising fuel costs
-
Doku adamant Man City still have plenty to play for after Champions League exit
-
Afghanistan vows to avenge deadly Kabul bombing but says open to talks
-
Stocks fall, oil surges as US inflation jumps and Israel strikes gas facilities
-
Nigerian president meets royals on 'historic' UK state visit
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
D.Schaer--VB