Philippines health insurer hacked: What we know
/ Photo: © AFP
-
US automakers report mixed sales as car market awaits war impact
-
Astronauts begin NASA lunar mission after climactic blast-off
-
Astronauts blast off for historic US lunar journey
-
Embattled Woods won't captain 2027 Ryder Cup team: PGA of America
-
Judge allows Woods to travel overseas for treatment
-
Chelsea's Bompastor furious as Arsenal reach women's Champions League semis
-
US lifts sanctions on Venezuelan interim leader Delcy Rodriguez
-
Arsenal resist Chelsea rally to reach women's Champions League semis
-
Defending champ Pegula wins WTA Charleston opener
-
New frog species carrying eggs on back discovered in Peru
-
Benfica winger Prestianni denies 'ugly' racism claims
-
Tuchel casts doubt on Foden's World Cup chances
-
Slot hoping Salah can still burnish Liverpool legacy
-
Astronauts strapped in for historic US lunar launch
-
Top World Bank official 'extremely concerned' by fallout of Iran war
-
'Wake-up call': Megan Thee Stallion falls ill during Broadway show
-
Canada's defense enters new phase, Arctic in focus: top military officer
-
France charges man over failed attack on US bank
-
Bayern reach women's Champions League semis after late show sinks United
-
SpaceX files to go public, paving way for record stock offering
-
Delhi make winning start to IPL as Rizvi downs LSG
-
Final ticket sales phase begins for FIFA World Cup
-
Supreme Court skeptical of Trump bid to end birthright citizenship
-
Tractors roll through Vienna as farmers protest
-
PGA Tour, Masters chairman support Tiger recovery pause
-
World Cup winner Goetze extends contract at Frankfurt
-
SpaceX files securities documents to go public: source
-
Armenia cannot be in both EU and Russian customs bloc, Putin says
-
Supreme Court hears landmark citizenship case -- with Trump in audience
-
Chelsea announce record pre-tax loss of £262.4 million
-
Stocks rally, oil drops on Mideast war optimism
-
Starmer says UK to host multi-nation meeting on Hormuz shipping
-
Greece train crash trial resumes after courtroom chaos
-
Trump says Iran asks for ceasefire as Tehran hit by fresh strikes
-
Swiss government eyes dropping purchase of US Patriot air defence system
-
Germany halts rescue efforts for stranded whale
-
IndiGo lands IATA chief Willie Walsh as new CEO
-
Late charging Ganna denies Van Aert at Across Flanders
-
'Embarrassed' Spain probes anti-Muslim chants at Egypt friendly
-
Family of man killed in 2020 arrest to sue French state
-
The 'million dollar' Senna helmet bought at Japan GP
-
Could NATO be collateral damage from Trump's Iran war?
-
Supreme Court hearing landmark citizenship case -- with Trump in audience
-
Three go on trial in Germany over plot to overthrow government
-
Anderson backs England for Australia revenge despite Ashes woes
-
Italy's sport minister asks football chief to step down after World Cup disaster
-
Cambodia extradites accused cyberscam boss to China
-
Supreme Court to hear landmark citizenship case -- with Trump in audience
-
UK police arrest three more over Jewish ambulance attack
-
Wallaby Skelton has 'season cut short' by Achilles injury
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
F.Müller--BTB
