Philippines health insurer hacked: What we know
/ Photo: © AFP
-
Oil drops, stocks climb as Trump delays Iran move
-
UK MPs vote in favour of assisted dying law in historic step
-
Bangladesh's lead over Sri Lanka nears 200 in first Test
-
Dutch footballer Promes extradited over cocaine smuggling case
-
World Bank and IMF climate snub 'worrying': COP29 presidency
-
Liverpool agree deal for Bournemouth's Kerkez: reports
-
UK probes Amazon over suspected late payments to food suppliers
-
Sinner says early Halle exit gives him more time to prepare for Wimbledon
-
England strike back against India in first Test
-
Netanyahu's other battle: swinging Trump and US behind Iran war
-
French champagne makers face prison in human trafficking trial
-
Oil drops, European stocks climb as Trump delays Iran move
-
Kiwi sailing legend Burling joins Italy's America's Cup team
-
US singer Chris Brown pleads not guilty in UK assault case
-
UK MPs debate assisted dying law ahead of key vote
-
Second woman accuses French senator of drugging her
-
Russian government, central bank spar over economic downturn
-
Thai PM meets army commander in attempt to defuse political crisis
-
More microplastics in glass bottles than plastic: study
-
Top Iran, EU diplomats to hold nuclear talks
-
Armenia PM arrives in Turkey for 'historic' visit
-
Salah among nominees for PFA Player of the Year award
-
EU bars Chinese firms from major state medical equipment contracts
-
Three-time world champion figure skater Sakamoto to retire
-
Crude sinks as Trump delays decision on Iran strike
-
US appeals court allows Trump control of National Guard in LA
-
Monsters and memes: Labubu dolls ride China soft-power wave
-
Chad hopes 'green charcoal' can save vanishing forests
-
'Turkish salmon': the Black Sea's new rose-coloured gold
-
Rays pitcher Bigge hospitalized after being struck by foul ball
-
PSG stunned by Botafogo after Messi lights up Club World Cup
-
Thunder ready to play for all the marbles - Gilgeous-Alexander
-
Europe's lithium quest hampered by China and lack of cash
-
Japan-US-Philippines hold coast guard drills with eye on China
-
Richards strike gives USA spot in Gold Cup quarters
-
Pacers thrash Thunder to stay alive in NBA Finals
-
Cheap alms bowls imports hit Sri Lanka makers, monks
-
Pacers demolish Thunder to stay alive in NBA Finals
-
PSG stunned by Botafogo in Club World Cup upset
-
Peru gas workers find thousand-year-old mummy
-
UK MPs to hold crunch vote on assisted dying
-
Australian trial says tech for social media teen ban can work
-
Thai PM to meet army commander to defuse political crisis
-
Rice prices double in Japan as inflation accelerates
-
Summoning golden Olympic memories, Paris parties like it's 2024
-
Peru's Maido named world's top restaurant on 50 Best list
-
US singer Chris Brown in London court on assault case
-
Thailand credits prey releases for 'extraordinary' tiger recovery
-
Can NATO keep Trump on-message about Russia threat?
-
Australia drop struggling Labuschagne for first West Indies Test
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
D.Schaer--VB
