Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Trump attacks US electoral system with call to 'nationalize' voting
-
Barry Manilow cancels Las Vegas shows but 'doing great' post-surgery
-
US households become increasingly strained in diverging economy
-
Four dead men: the cold case that engulfed a Colombian cycling star
-
Super Bowl stars stake claims for Olympic flag football
-
On a roll, Brazilian cinema seizes its moment
-
Rising euro, falling inflation in focus at ECB meeting
-
AI to track icebergs adrift at sea in boon for science
-
Indigenous Brazilians protest Amazon river dredging for grain exports
-
Google's annual revenue tops $400 bn for first time, AI investments rise
-
Last US-Russia nuclear treaty ends in 'grave moment' for world
-
Man City brush aside Newcastle to reach League Cup final
-
Guardiola wants permission for Guehi to play in League Cup final
-
Boxer Khelif reveals 'hormone treatments' before Paris Olympics
-
'Bad Boy,' 'Little Pablo' and Mordisco: the men on a US-Colombia hitlist
-
BHP damages trial over Brazil mine disaster to open in 2027
-
Dallas deals Davis to Wizards in blockbuster NBA trade: report
-
Lens cruise into French Cup quarters, Endrick sends Lyon through
-
No.1 Scheffler excited for Koepka return from LIV Golf
-
Curling quietly kicks off sports programme at 2026 Winter Olympics
-
Undav pokes Stuttgart past Kiel into German Cup semis
-
Germany goalkeeper Ter Stegen to undergo surgery
-
Bezos-led Washington Post announces 'painful' job cuts
-
Iran says US talks are on, as Trump warns supreme leader
-
Gaza health officials say strikes kill 24 after Israel says officer wounded
-
Empress's crown dropped in Louvre heist to be fully restored: museum
-
UK PM says Mandelson 'lied' about Epstein relations
-
Shai to miss NBA All-Star Game with abdominal strain
-
Trump suggests 'softer touch' needed on immigration
-
From 'flop' to Super Bowl favorite: Sam Darnold's second act
-
Man sentenced to life in prison for plotting to kill Trump in 2024
-
Native Americans on high alert over Minneapolis crackdown
-
Dallas deals Davis to Wizards in blockbuster NBA deal: report
-
Panama hits back after China warns of 'heavy price' in ports row
-
Strike kills guerrillas as US, Colombia agree to target narco bosses
-
Wildfire smoke kills more than 24,000 Americans a year: study
-
Telegram founder slams Spain PM over under-16s social media ban
-
Curling kicks off sports programme at 2026 Winter Olympics
-
Preventative cholera vaccination resumes as global supply swells: WHO
-
Wales' Macleod ready for 'physical battle' against England in Six Nations
-
Xi calls for 'mutual respect' with Trump, hails ties with Putin
-
'All-time great': Maye's ambitions go beyond record Super Bowl bid
-
Shadow over Vonn as Shiffrin, Odermatt headline Olympic skiing
-
US seeks minerals trade zone in rare Trump move with allies
-
Ukraine says Abu Dhabi talks with Russia 'substantive and productive'
-
Brazil mine disaster victims in London to 'demand what is owed'
-
AI-fuelled tech stock selloff rolls on
-
White says time at Toulon has made him a better Scotland player
-
Washington Post announces 'painful' job cuts
-
All lights are go for Jalibert, says France's Dupont
NYSE - LSE
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
V.Fontes--PC
