Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
CBEX crypto scam: AI-hyped Ponzi scheme defrauds African investors
-
Inzaghi hails 'extraordinary' Al Hilal after City upset
-
Man City, Inter Milan crash out of Club World Cup in last 16
-
North Korea's Kim shown honouring troops killed in Russia-Ukraine war
-
Saudi's Al Hilal knock Man City out of Club World Cup in huge shock
-
'In our blood': Egyptian women reclaim belly dance from stigma
-
Online memorial for children dead in Hiroshima, Nagasaki
-
US Senate in final push to pass Trump spending bill
-
Asian stocks rise on trade deal hopes, Tokyo hit by tariff warning
-
Hong Kong rights record under fire as it marks China handover anniversary
-
Bangladeshis cling to protest dreams a year after revolution
-
Djokovic, Sinner enter Wimbledon fray
-
European security tops Denmark's EU presidency priorities
-
France expecting peak temperatures as heatwave hits Europe
-
Germany eye return to women's football summit at Euro 2025
-
'Every day I see land disappear': Suriname's battle to keep sea at bay
-
England feel pressure to perform at Euros as stars pull out
-
Clashes in Istanbul over alleged 'Prophet Mohammed' cartoon
-
India face 'last-minute' Bumrah call as they bid to level England series
-
Dortmund up against 'superstar' Ramos, aggressive Monterrey: Kovac
-
US judge orders Argentina to sell 51% stake in oil firm YPF
-
Pantheon Resources PLC Announces Change of Registered Office
-
EPA employees accuse Trump administration of 'ignoring' science
-
US Senate in final slog towards vote on Trump spending bill
-
Over 14 million people could die from US foreign aid cuts: study
-
End of the line for Britain's royal train
-
FIFPro warns of 'wake-up call' over extreme heat at Club World Cup
-
Sean Combs sex trafficking jury ends first day without decision
-
Fluminense stun Inter Milan to reach Club World Cup quarters
-
Thailand's ruling political dynasty faces day of legal peril
-
NASA eyes summer streaming liftoff on Netflix
-
Trump dismantles Syria sanctions program as Israel ties eyed
-
Meta's AI talent war raises questions about strategy
-
Twenty bodies, some headless, found in Mexican cartel bastion
-
Gaza rescuers say Israeli forces kill over 50 as ceasefire calls mount
-
Alcaraz survives scare, Sabalenka cruises on Wimbledon's hottest opening day
-
Only Messi can shirk defending: warns Monterrey coach before Dortmund clash
-
White House says Canada 'caved' to Trump on tech tax
-
Eight-country coalition aims to tax luxury air travel
-
Wimbledon qualifier Tarvet vows to get creative with expenses
-
Iran unleashes 'wave of repression' after Israel war: activists
-
Alcaraz survives Fognini scare to launch Wimbledon title defence
-
Peace deal with Rwanda opens way to 'new era', says DR Congo president
-
Kneecap, Bob Vylan Glastonbury sets spark police probe and global criticism
-
'Starvation' days over as cyclists prepare to gorge on Tour de France
-
Gaza rescuers say Israeli forces kill 48 as ceasefire calls mount
-
Sabalenka boosted by hitting with Djokovic and Sinner at Wimbledon
-
Nigeria theme park offers escape from biting economy
-
Jury considers verdict in Sean Combs sex trafficking trial
-
Wall Street stocks rally further on trade and tax deal optimism
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
T.Ward--AMWN
