Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Trump says 'clock ticking' for Iran as peace negotiations stall
-
Hong Kong court hears closing arguments in Tiananmen activists' trial
-
World Cup duo Ghana, Cape Verde not among AFCON top seeds
-
African players in Europe: Daring Semenyo wins final for City
-
Kenya's new poaching problem: smuggling Giant Harvester Ants
-
WHO kicks off annual assembly amid hantavirus, Ebola crises
-
S. Korean blockbuster 'Hope' underscores growing film ambition
-
Train driver charged after deadly Bangkok bus collision
-
Angry Chinese table tennis fans demand apology for flag gaffe
-
India's lifeline ferry across strategic archipelago
-
Encroaching world threatens India's last 'uncontacted' tribe
-
India's strategic $9 bn megaport plan for pristine island
-
In Tierra del Fuego, a hunt for the rodent carrier of hantavirus
-
Mitchell leads Cavs past top-seeded Detroit into NBA East finals
-
China's April consumption, factory output growth slowest in years
-
Asian stocks sink, oil rises on US-Iran deadlock
-
Cleveland Cavaliers eliminate top-seeded Detroit from NBA playoffs
-
Who could be the 2026 World Cup's breakout star?
-
Humble PGA champ Rai celebrates English, Indian, Kenyan heritage
-
Hantavirus-hit cruise ship nears end of voyage, to dock in Rotterdam
-
He said, she said, AI said: Wall Street sex scandal rivets and confounds
-
UN General Assembly to take up climate change 'obligations' resolution
-
Four takeaways from Musk vs OpenAI trial
-
Jury to decide fate of Musk's blockbuster suit against OpenAI
-
Frustrated McIlroy drops F-bomb in exchange with PGA heckler
-
Defending champion Palou storms to Indy 500 pole
-
Messi shines as Inter Miami finally win at new stadium
-
Shai Gilgeous-Alexander wins second straight NBA MVP award
-
White House mass prayer event seeks to reclaim US Christian roots
-
International dive group joins Maldives search for missing Italians
-
'Staggering' Iran toll drives up global executions: Amnesty
-
Agronomics Limited Announces Net Asset Value Calculation as at 31 March 2026
-
Santa Barbara Schools Sexual Assault Complaint by Veen Firm
-
InterContinental Hotels Group PLC Announces Transaction in Own Shares - May 18
-
Rai wins first major at PGA with back-nine birdie blitz
-
Woad bags second LPGA title at Queen City Championship
-
Lebanon says Israeli strikes kill 7 as Hezbollah condemns talks
-
Revived La Rochelle trounce Top 14 leaders Toulouse
-
PSG beaten by Paris FC in Ligue 1 as Lille qualify for Champions League
-
Griezmann apologetic on emotional Atletico Madrid farewell
-
Raging Neymar forced off by refereeing error as Santos lose
-
Sinner extends Masters tournament streak on home turf, eyes French Open
-
Canadian cruise passenger confirmed positive for hantavirus
-
England see off gutsy France to clinch another Women's Six Nations
-
Sevilla safe despite Real Madrid defeat, Mallorca on brink
-
UK police detail arrests after far-right rally and counter demo
-
Smalley tees off with PGA lead and stars in hot pursuit
-
Trump issues dire warning to Iran to accept peace deal
-
West Ham on brink of Premier League relegation, Man Utd seal third
-
Bulgaria's Eurovision winner flies home to rapturous welcome
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
T.Ward--AMWN