Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Taiwan raids tech firms in China AI chip smuggling probe
-
Online same-sex romance series embrace AI 'freedom'
-
Morocco 'unstoppable' says coach after Netherlands thriller
-
New Oxford academic centre symbolises UK's big-donor era
-
Russia's small businesses pay the price of spiralling Ukraine war
-
Trump says Iran meeting set in Qatar, despite uncertainty
-
Paraguay shock Germany as Brazil, Morocco advance at World Cup
-
Morocco down Netherlands to reach World Cup last 16
-
NASA robot mission aiming to rescue space telescope
-
Asian stocks unable to track Wall St higher, yen holds at 40-year low
-
Mouse-that-roared Paraguay savors World Cup win over Germany
-
'We came from nothing': DR Congo dreams of England World Cup upset
-
Taiwan's ageing seaweed harvesters hope younger women wade in
-
Peruvian political heir Fujimori wins presidency
-
Key Venezuela port opens with US aid, as burials begin
-
What to expect as EU small parcel levy kicks in
-
Ambitious Japan search for answers after World Cup exit
-
Nagelsmann says won't 'run away' after Germany World Cup exit
-
How NATO will try to keep Trump happy at Ankara summit
-
Paraguay coach salutes 'extraordinary' World Cup win over Germany
-
Ultra-wealthy Chinese exile in New York sentenced to 30 years for fraud
-
Japan fans stunned as Brazil end their World Cup dream
-
Years on, families bury 68 Indigenous victims of Guatemala civil war
-
'Powerhouse' Haaland leads by example at World Cup: Norway coach Solbakken
-
'Deliberate' Monaco explosion wounds Ukrainian oligarch
-
Sadness and joy as breakaway Catholic group nears schism
-
Paraguay shock Germany, Brazil advance at World Cup
-
Guardian Metal Resources PLC Announces Pilot Mountain Pre-Feasibility Study Results
-
InterContinental Hotels Group PLC Announces Transaction in Own Shares - June 30
-
Creality Printers Review Site Help Buyers Compare Creality Printers
-
Tenstorrent Sets New Performance Records, Launches TT- Ascalon S, and Expands Across Japan
-
Germany dumped out by Paraguay in seismic World Cup shock
-
'I recognized her ring': identifying Venezuela's dead in a makeshift morgue
-
More than 1,000 drones detected since start of World Cup: FBI
-
Tuchel defensive headache as England ready for DR Congo clash
-
Extreme heat warning issued for World Cup host Kansas City
-
US reopens Venezuela port as quake deaths top 1,700
-
Bloodied but unbowed: Sinner, Djokovic survive Wimbledon scares
-
Coach says Japan getting closer to World Cup glory despite defeat
-
Djokovic battles past Wu in 'challenging' Wimbledon first round
-
NBA Grizzlies deal Morant to Portland: report
-
World Bank drops climate finance targets in renewed action plan
-
Sweden ready for 'game of our lives' in France World Cup clash
-
Ancelotti says never doubted 'suffering' Brazil would score
-
MLS Chicago Fire announce signing of Poland's Lewandowski
-
Venezuela's quake-hit La Guaira port 'operational': US military
-
Tech rebound lifts Dow to record, yen hits 40-year low against dollar
-
Martinelli late show as Brazil down Japan to reach World Cup last 16
-
US Supreme Court rules on dragnet searches of cellphone location data
-
Madueke says he can be England's World Cup game-changer
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
M.O.Allen--AT
