Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Venezuelan activist ends '1,675 days' of suffering in prison
-
Real Madrid scrape win over Rayo, Athletic claim derby draw
-
PSG beat Strasbourg after Hakimi red to retake top spot in Ligue 1
-
NFL Cardinals hire Rams' assistant LaFleur as head coach
-
Arsenal scoop $2m prize for winning FIFA Women's Champions Cup
-
Atletico agree deal to sign Lookman from Atalanta
-
Real Madrid's Bellingham set for month out with hamstring injury
-
Man City won't surrender in title race: Guardiola
-
Korda captures weather-shortened LPGA season opener
-
Czechs rally to back president locking horns with government
-
Prominent Venezuelan activist released after over four years in jail
-
Emery riled by 'unfair' VAR call as Villa's title hopes fade
-
Guirassy double helps Dortmund move six points behind Bayern
-
Nigeria's president pays tribute to Fela Kuti after Grammys Award
-
Inter eight clear after win at Cremonese marred by fans' flare flinging
-
England underline World Cup
credentials with series win over Sri Lanka
-
Guirassy brace helps Dortmund move six behind Bayern
-
Man City held by Solanke stunner, Sesko delivers 'best feeling' for Man Utd
-
'Send Help' debuts atop N.America box office
-
Ukraine war talks delayed to Wednesday, says Zelensky
-
Iguanas fall from trees in Florida as icy weather bites southern US
-
Carrick revels in 'best feeling' after Man Utd leave it late
-
Olympic chiefs admit 'still work to do' on main ice hockey venue
-
Pope says Winter Olympics 'rekindle hope' for world peace
-
Last-gasp Demirovic strike sends Stuttgart fourth
-
Sesko strikes to rescue Man Utd, Villa beaten by Brentford
-
'At least 200' feared dead in DR Congo landslide: government
-
Coventry says 'sad' about ICE, Wasserman 'distractions' before Olympics
-
In-form Lyon make it 10 wins in a row
-
Man Utd strike late as Carrick extends perfect start in Fulham thriller
-
Van der Poel romps to record eighth cyclo-cross world title
-
Mbappe penalty earns Real Madrid late win over nine-man Rayo
-
Resurgent Pakistan seal T20 sweep of Australia
-
Fiji top sevens standings after comeback win in Singapore
-
Alcaraz sweeps past Djokovic to win 'dream' Australian Open
-
Death toll from Swiss New Year bar fire rises to 41
-
Alcaraz says Nadal inspired him to 'special' Australian Open title
-
Pakistan seeks out perpetrators after deadly separatist attacks
-
Ukraine war talks delayed to Wednesday, Zelensky says
-
Djokovic says 'been a great ride' after Melbourne final loss
-
Von Allmen storms to downhill win in final Olympic tune-up
-
Carlos Alcaraz: tennis history-maker with shades of Federer
-
Alcaraz sweeps past Djokovic to win maiden Australian Open title
-
Israel says partially reopening Gaza's Rafah crossing
-
French IT giant Capgemini to sell US subsidiary after row over ICE links
-
Iran's Khamenei likens protests to 'coup', warns of regional war
-
New Epstein accuser claims sexual encounter with ex-prince Andrew: report
-
Italy's extrovert Olympic icon Alberto Tomba insists he is 'shy guy'
-
Chloe Kim goes for unprecedented snowboard halfpipe Olympic treble
-
Pakistan combing for perpetrators after deadly separatist attacks
NYSE - LSE
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
M.O.Allen--AT
