Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
DeChambeau wins back-to-back LIV Golf play-offs
-
Sunderland inflict more derby pain on Newcastle
-
Nepali youth demand release of govt report into deadly September uprising
-
US, Iran trade threats to target infrastructure in Middle East
-
Paris doubles up with super-G victory at World Cup finals
-
Dortmund part ways with sporting director Kehl
-
Russia resumes use of space launch site damaged in accident
-
Cuba scrambles to restore power after new blackout
-
Senegal's Idrissa Gueye ready to 'hand back' AFCON medals
-
New Zealand's Walsh bags fourth world indoor gold
-
Goggia claims first super-G title after victory in Kvitfjell
-
Slovenia votes in tight polls, with conservatives eyeing comeback
-
A herd stop: Train kills 3 rare bison in Poland
-
Vietnam, Russia to sign energy deal: Hanoi
-
American Gumberg triumphs in Hainan for second DP World Tour win
-
South Africa clinch 19-run win over New Zealand in fourth T20
-
Iran threatens Middle East infrastructure after Trump ultimatum
-
French elect mayors in key cities including Paris
-
'They beat us with whips': Sudan RSF detainees tell of horrors in El-Fasher
-
Australia's Hannah Green wins historic third tournament in a row
-
China's premier vows to expand global 'trade pie': state media
-
Belgium commemorates Brussels attacks 10 years on
-
Sri Lanka raises fuel prices by 25 percent as war bites
-
Rights groups fear use of arrest to stifle free speech in Pakistan
-
Iranian missiles sow panic, destruction in Israeli towns
-
Damaged Russian tanker to be towed to Libya: state-owned company
-
Gilgeous-Alexander scores 40, LeBron breaks NBA appearance record
-
Cuba hit by second nationwide blackout in a week
-
BTS draws over 100,000 fans to Seoul comeback concert: label
-
US-China 'Board of Trade' may help ties but experts flag market worries
-
Sinner, defending champ Mensik advance to third round at Miami Open
-
Iran missile strikes wound over 100 in two south Israel towns
-
Shai hits 40 as Thunder win despite NBA melee with four ejected
-
Records shattered as US heatwave moves eastward
-
Iran missiles hit southern Israel, injuring more than 100
-
LeBron James breaks record for most NBA games played
-
'Perfect' PSG sweep past Nice to reclaim top spot in Ligue 1
-
Japan coach says Asian Cup crown 'well-deserved' for inspirational team
-
PSG sweep past Nice to reclaim top spot in Ligue 1
-
Robert Mueller, ex-FBI chief who led Trump-Russia probe, dead at 81
-
Milan move to within five points of Serie A leaders Inter
-
Duplantis masterclass as Kerr and record-setter Ehammer shine
-
Rosenior urges Chelsea to 'forget the noise' after damaging loss
-
Marquez ambushed Di Giannantonio to win Brazil sprint
-
Sweden's Duplantis wins fourth world indoor pole vault title
-
Liverpool, Chelsea slip up in Champions League race
-
WHO sends first overland convoy from emergencies hub to Beirut
-
Everton rub salt in Chelsea wounds as Champions League race tightens
-
Coach Mignoni returns but Toulon crash to Stade Francais
-
Robert Mueller, ex-FBI chief who led Trump-Russia inquiry, dead at 81
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
V.Fontes--PC
