Skip to main content

Philippines Health Insurer's Data Hacked, Posted On Dark Web

Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.

The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.

Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:

What did the hackers steal?

PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.

As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.

PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.

Separately, employee information was also stolen from the targeted computers.

The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.

An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".

Who are the hackers, and what do they want?

The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.

MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.

The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.

It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.

How did they get the data?

On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.

The insurer shut down the affected systems to try and stop the attack

from spreading, slowing or entirely shutting down some online services for days.

The government has so far not said exactly how hackers got access to the computers.

But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.

How has the government responded?

With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.

However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.

The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.

The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.

(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)



from NDTV News-World-news https://ift.tt/e3j2fn4

Comments

Post a Comment

Popular posts from this blog

Muhammad Now The Most Popular Name For A Baby In Great Britain, Data Shows

427 years after William Shakespeare wrote it for the first time in the great "tragedy" Romeo & Juliet, England is asking the quintessential question - "What's in a name?" - And this time wondering what significance that question might hold in another 42.7 years. The Department of Statistics in the United Kingdom has revealed in its latest dataset that Muhammad is officially the most popular name for a newborn boy in England and Wales. More than 4,600 babies were registered with that name in 2023 - the highest for a boy. Muhammad was the second-most popular name in 2022 as well. Noah, once the most popular name in UK, came a distant second this year, according to the Office for National Statistics or ONS. But the staff at Great Britain's statistical office has in-fact been observing the trend for a while now. Jotting down the most popular names in the UK, besides other important statistics, it revealed that Muhammad has been among the top 10 names for...
Post a Comment
Read more

US Issues $25-Million Bounty On Venezuela President On Day Of His Oath

Venezuelan President Nicolas Maduro, whose nearly 12 years in office have been marked by deep economic and social crisis, was sworn in for a third term on Friday, despite a six-month-long election dispute, international calls for him to stand aside and an increase in the US reward offered for his capture. Maduro, president since 2013, was declared the winner of July's election by both Venezuela's electoral authority and top court, though detailed tallies confirming his victory have never been published. Venezuela's opposition says ballot box-level tallies show a landslide win for its former candidate Edmundo Gonzalez, who is recognized as president-elect by several countries including the United States. International election observers said the vote was not democratic. The months since the election have seen Gonzalez's flight to Spain in September, his ally Maria Corina Machado going into hiding in Venezuela, and the detentions of high-profile opposition figures and ...
Post a Comment
Read more

It's Official, Kamala Harris Is Democratic Candidate For US Election

US Vice President Kamala Harris effectively secured the Democratic party's presidential nomination Friday, confirming her remarkable rise to party standard bearer in November's showdown against Republican Donald Trump. Kamala Harris was the sole candidate on the ballot for a five-day electronic vote of nearly 4,000 party convention delegates. She will be officially crowned at a Chicago convention later this month. "I am honored to be the presumptive Democratic nominee for President of the United States," Kamala Harris, 59, said on a phone-in to a party celebration after securing enough votes by the second day of the marathon vote. In the two weeks since President Joe Biden ended his reelection bid, Kamala Harris has gained full control of the party. No other Democrats stepped forward to challenge her elevation to the top of the ticket, making her confirmation as the first Black and South Asian woman ever to secure a major party's nomination a formality. The a...
Post a Comment
Read more