Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Scandic Trust Group strengthens sales network with First Idea Consultant
-
Musetti keeps ATP Finals hopes alive, joins Djokovic in Athens semis
-
England boss Borthwick wants 'brilliant' Marcus Smith to shine against Fiji
-
Piastri says he is confident he can recover and win drivers' title
-
Verstappen admits he may need a bit of 'luck' to haul in rivals in title race
-
Kazakhstan to join Abraham Accords as Trump pushes Mideast peace
-
'Moral failure': Leaders seek to rally world at Amazon climate talks
-
UN Security Council votes to lift sanctions on Syrian president
-
Democratic giant, trailblazer and Trump foe Nancy Pelosi to retire
-
World leaders ditch ties at sweaty climate summit
-
Dallas Cowboys' Marshawn Kneeland dies at 24
-
Rally outside Rockstar against GTA studio's 'union busting'
-
McLaren boss says would rather lose title than issue team orders
-
Sabalenka, top WTA stars urge Slams to revive 'stalled' negotiations
-
5 killed in Afghan-Pakistan border fire despite peace talks: official
-
Trump unveils deals to lower costs of some weight-loss drugs
-
Controversial Canadian ostrich cull order will go ahead
-
Mexico's Sheinbaum to boost reporting of sexual abuse after being groped
-
Zuckerbergs put AI at heart of pledge to cure diseases
-
Crypto giant Coinbase fined in Ireland for rule breaches
-
Lawson relieved as he reveals FIA support following Mexican near-miss
-
US set for travel chaos as flights cut due to govt shutdown
-
Sabalenka and Pegula book their spots in WTA Finals last four
-
'Our brother-in-law': Arab world embraces New York's new mayor
-
France boss Deschamps would prefer to 'avoid playing' on Paris attacks anniversary
-
Pegula sweeps past Paolini to reach WTA Finals last four
-
Bolivian ex-president Anez leaves prison after sentence annuled
-
Stocks slide as investors weigh data, interest rate cuts
-
UN says 2025 to be among top three warmest years on record
-
Fleetwood and Lowry lift each other into Abu Dhabi lead
-
Fleetwod and Lowry lift each other into Abu Dhabi lead
-
New Zealand make changes after Barrett brothers' injuries as Scotland drop Van der Merwe
-
Dallas Cowboys' Marshawn Kneeland dies at 24: franchise
-
Pegula dispatches Paolini to keep WTA Finals semis bid alive
-
Dutch giants Ajax sack coach John Heitinga
-
Kirchner on trial in Argentina's 'biggest ever' corruption case
-
Amorim urges Man Utd to 'focus on future' after Ronaldo criticism
-
US judge drops criminal charges against Boeing over 737 MAX 8 crashes
-
World must face 'moral failure' of missing 1.5C: UN chief to COP30
-
UK grandmother leaves Indonesia death row to return home
-
Garcia broken nose adds to Barca defensive worries
-
Tight UK security ahead of match against Israeli club
-
Ethiopia's Afar region says attacked by Tigray forces
-
Nancy Pelosi, Democratic giant, Trump foe, first woman House speaker, to retire
-
Israel strikes Hezbollah targets in Lebanon
-
Burger strikes as South Africa restrict Pakistan to 269-9 in second ODI
-
Stocks slip as investors weigh earnings, tariffs
-
Police say 19 held after raid at Swedish start-up Stegra to be deported
-
Kante returns as France seek to clinch World Cup berth
-
Marcus Smith starts at full-back as England ring changes for Fiji
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
T.Ward--AMWN
