Skip to main content

Philippines Health Insurer's Data Hacked, Posted On Dark Web

Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.

The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.

Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:

What did the hackers steal?

PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.

As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.

PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.

Separately, employee information was also stolen from the targeted computers.

The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.

An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".

Who are the hackers, and what do they want?

The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.

MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.

The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.

It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.

How did they get the data?

On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.

The insurer shut down the affected systems to try and stop the attack

from spreading, slowing or entirely shutting down some online services for days.

The government has so far not said exactly how hackers got access to the computers.

But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.

How has the government responded?

With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.

However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.

The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.

The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.

(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)



from NDTV News-World-news https://ift.tt/e3j2fn4

Comments

Post a Comment

Popular posts from this blog

UK-Born Italian Teen To Become Catholic Church's First Millennial Saint

A London-born Italian teenager who spent his short life spreading the faith online will become the Catholic Church's first millennial saint, after the Vatican attributed to him a second miracle. Carlo Acutis, who died of leukaemia in 2006 aged 15, was beatified four years ago after the Vatican ruled he had miraculously saved another boy's life. He will now become a saint after Pope Francis approved another miraculous act, an intercession on behalf of a young woman in Florence who suffered severe head trauma in July 2022. Carlo was born in London on May 3, 1991, to Italian parents, and moved with them to Milan as a young boy, where he grew up with a huge interest in computers. "He was considered a computer genius... But what did he do? He didn't use these media to chat and have fun," his mother Antonia Salzano said in an interview with Vatican News at the time of his 2020 beatification. Instead, "his zeal for the Lord" drove him to make a website on ...
Post a Comment
Read more

US Has Agreed To Send More Bombs, Warplanes To Israel: Report

The US in recent days authorized the transfer of billions of dollars worth of bombs and fighter jets to Israel, two sources familiar with the effort said on Friday, even as Washington publicly expresses concerns about an anticipated Israeli military offensive in Rafah. The new arms packages include more than 1,800 MK84 2,000-pound bombs and 500 MK82 500-pound bombs, said the sources, who confirmed a report in the Washington Post. Washington gives $3.8 billion in annual military assistance to Israel, its longtime ally. The package comes as Israel faces strong international criticism over its continued bombing campaign and ground offensive in Gaza and as some members of President Joe Biden's party call for him to cut US military aid. The United States has been rushing air defenses and munitions to Israel, but some Democrats and Arab American groups have criticized the Biden administration's steadfast support of Israel, which they say provides it with a sense of impunity. Bid...
Post a Comment
Read more

UK In 'Diplomatic Contact' With Syrian Rebels After Bashar Al-Assad's Ouster

Britain's foreign minister said Sunday that London had established diplomatic contact with the Hayat Tahrir al-Sham (HTS) rebel group in Syria, which led the offensive that ousted Bashar al-Assad. They remain "a proscribed terrorist organisation, but we can have diplomatic contact and so we do have diplomatic contact, as you would expect", said Foreign Secretary David Lammy. "We want to see a representative government, an inclusive government. We want to see chemical weapons stockpiles secured, and not used, and we want to ensure that there is not continuing violence," he added. "So, for all of those reasons, using all the channels that we have available, and those are diplomatic and of course intelligence-led channels, we seek to deal with HTS where we have to." (Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.) from NDTV News-World-news https://ift.tt/ybLIfjx
Post a Comment
Read more