Here are the recent updates on the cyber attack against PhilHealth.
PhilHealth admitted that some members’ personal data had been compromised, such as name, address, date of birth, sex, phone number, and PhilHealth identification number. However, the state insurer assured that “the primary database is still intact and not infected.”
Hackers threatened to leak data that they obtained using the Medusa Ransomware.
Philhealth is working to notify all affected individuals. Those who did not receive any texts may not be affected. However, PhilHealth urges them to:
- Monitor credit reports for any unauthorized activity
- Place a fraud alert on their credit reports
- Change the passwords for all online accounts, especially financial accounts
- Be wary of Phishing emails and smishing texts
In a press briefing, PhilHealth President and CEO Emmanuel Ledesma Jr. said no ransom money would be released.
“Isang araw nalang diba? Antayin nalang natin yung bluff nila,”
said Emmanuel Ledesma Jr.
“Let’s just be vigilant. Hopefully, the public can determine what’s right and what’s not,”
he added.
Three out of eight PhilHealth Internal systems, such as the corporate website, member portal, and e-claims, are back online.
In a more recent update, PhilHealth has stated that only their employees’ identification cards have been leaked online so far. According to Dr. Israel Francis Pargas, the membership, financial, and claims data are still safe.
“There are workstations wherein the computers of our employees were involved or hacked, and I think some of the data that were gotten by these hackers were from these,”
said Pargas.
Moreover, the Department of Information and Communications Technology’s USec. Jeffrey Dy stated that all information taken from the PhilHealth System has not yet been verified. The information they have as of now is photos of the IDs of PhilHealth Employees, Government Service Insurance System (GSIS) cards, and payroll have been compromised.
