Medical health insurance corporate hack in Philippines: What we all know

Hackers have stolen the private knowledge of doubtless tens of millions of folks from the Philippines’ nationwide medical insurance corporate, which prompt individuals to switch their passwords after a “frightening” cyberattack.

Hackers started publishing recordsdata containing secret memos of stolen knowledge to drive the federal government to pay a $300,000 ransom.

Here is what we all know to this point concerning the assault found out through Philippine Well being Insurance coverage (PhilHealth) on September 22:

What did the hackers thieve?

PhilHealth and the federal government have no longer but decided precisely what number of people have been affected, however the insurer warned individuals in a realize that knowledge reminiscent of addresses, telephone numbers and insurance coverage IDs have been compromised.

As of June 30, consistent with its website online, PhilHealth had greater than 59 million direct and oblique shareholders — greater than part of the Philippines’ inhabitants.

PhilHealth requested individuals to observe bank card transactions and alter passwords, particularly for monetary products and services.

One after the other, worker knowledge was once additionally stolen from the focused computer systems.

The hackers posted some knowledge at the darkish internet, appearing well being diaries and different knowledge {that a} senior govt reputable described as confidential.

The investigation into the dimensions of the assault remains to be ongoing, however the Nationwide Privateness Fee described the volume of stolen knowledge as “astonishing.”

Who’re hackers and what do they would like?

The Philippine govt referred to the attackers because the Medusa Workforce, who demanded $300,000 to regain get right of entry to to PhilHealth computer systems and delete stolen knowledge.

MedusaLocker, which was once first found out in overdue 2019, has been used to basically goal healthcare organizations, and its creators in particular took benefit of the emergency all the way through the COVID-19 pandemic, consistent with a US govt file.

The ransomware has been bought to prison actors, and a US govt cybersecurity guide stated its writer receives a portion of any ransom.

It was once no longer transparent whether or not the Medusa team known through the Philippine govt was once the writer of MedusaLocker or the entity that bought it.

How did they get the knowledge?

On September 22, PhilHealth staff have been not able to get right of entry to a variety of computer systems, which displayed a message pointing out that hackers had locked down the units and encrypted knowledge.

The insurance coverage corporate close down affected techniques to check out to forestall the assault from spreading, slowing down or preventing some on-line products and services solely for a number of days.

The federal government has no longer but stated precisely how the hackers won get right of entry to to the computer systems.

However in interviews with native media final week, Israel Bargas, a senior PhilHealth reputable, stated the insurer didn’t have anti-virus tool on the time of the assault.

How did the federal government reply?

With an particular “no”. The Philippines does no longer pay ransom in any prison circumstances, together with cyberattacks, officers stated.

Then again, as hackers free up extra knowledge from stolen recordsdata, calls have grown for the federal government to habits a evaluation of its cyber defences.

The Nationwide Privateness Fee stated on Saturday that it has introduced an investigation into any conceivable loopholes and violations of the knowledge regulation through PhilHealth.

The Nationwide Other folks’s Congress stated its research of 734 gigabytes of stolen knowledge published “delicate private knowledge,” and warned the general public that any one downloading this data may just face prison fees.

© 2023 Agence France-Presse