Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Trump's Pentagon chief under fire as scandals mount
-
England's Archer takes pillow to second Ashes Test in 'shocking look'
-
Australia skipper Cummins 'good to go' for Adelaide Test
-
Mexico's Sheinbaum holds huge rally following major protests
-
Salah tirade adds to Slot's troubles during Liverpool slump
-
Torres treble helps Barca extend Liga lead, Atletico slip
-
PSG thump Rennes but Lens remain top in France
-
Salah opens door to Liverpool exit with 'thrown under the bus' rant
-
Two eagles lift Straka to World Challenge lead over Scheffler
-
Messi dazzles as Miami beat Vancouver to win MLS title
-
Bielle-Biarrey strikes twice as Bordeaux-Begles win Champions Cup opener in S.Africa
-
Bilbao's Berenguer deals Atletico another Liga defeat
-
Salah opens door to Liverpool exit after being 'thrown under the bus'
-
Bethlehem Christmas tree lit up for first time since Gaza war
-
Slot shows no sign of finding answers to Liverpool slump
-
New Zealand's Robinson wins giant slalom at Mont Tremblant
-
Liverpool slump self-inflicted, says Slot
-
Hundreds in Tunisia protest against government
-
Mofokeng's first goal wins cup final for Orlando Pirates
-
Torres hat-trick helps Barca down Betis to extend Liga lead
-
Bielle-Biarrey strikes twice as Bordeaux win Champions Cup opener in S.Africa
-
Liverpool humbled again by Leeds fightback for 3-3 draw
-
'Democracy has crumbled!': Four arrested in UK Crown Jewels protest
-
Contenders plot path to 2026 World Cup glory as FIFA reveals tournament schedule
-
Inter thump Como to top Serie A ahead of Liverpool visit
-
Maresca fears Chelsea striker Delap faces fresh injury setback
-
Consistency the key to Man City title charge – Guardiola
-
Thauvin on target again as Lens remain top in France
-
Greyness and solitude: French ex-president describes prison stay
-
Frank relieved after Spurs ease pressure on under-fire boss
-
England kick off World Cup bid in Dallas as 2026 schedule confirmed
-
Milei welcomes Argentina's first F-16 fighter jets
-
No breakthrough at 'constructive' Ukraine-US talks
-
Bielle-Biarrey double helps Bordeaux-Begles open Champions Cup defence with Bulls win
-
Verstappen looking for a slice of luck to claim fifth title
-
Kane cameo hat-trick as Bayern blast past Stuttgart
-
King Kohli says 'free in mind' after stellar ODI show
-
Arsenal rocked by Aston Villa, Man City cut gap to two points
-
Crestfallen Hamilton hits new low with Q1 exit
-
Sleepless in Abu Dhabi - nervy times for Norris says Rosberg
-
Arsenal will bounce back from Villa blow: Arteta
-
UN Security Council delegation urges all sides to stick to Lebanon truce
-
Verstappen outguns McLarens to take key pole in Abu Dhabi
-
Syria's Kurds hail 'positive impact' of Turkey peace talks
-
Verstappen takes pole position for season-ending Abu Dhabi GP
-
Jaiswal hits ton as India thrash S. Africa to clinch ODI series
-
UK's Farage rallies in Scottish town hit by immigration protests
-
Saracens kick off European campaign by crushing Clermont
-
Arsenal rocked by Villa as Buendia ends leaders' unbeaten run
-
Venezuela's Machado vows to make Nobel Peace Prize ceremony
NYSE - LSE
| RBGPF | 0% | 78.35 | $ | |
| CMSD | -0.3% | 23.25 | $ | |
| GSK | -0.33% | 48.41 | $ | |
| SCS | -0.56% | 16.14 | $ | |
| AZN | 0.17% | 90.18 | $ | |
| BTI | -1.81% | 57.01 | $ | |
| BP | -3.91% | 35.83 | $ | |
| NGG | -0.66% | 75.41 | $ | |
| RELX | -0.55% | 40.32 | $ | |
| CMSC | -0.21% | 23.43 | $ | |
| RIO | -0.92% | 73.06 | $ | |
| JRI | 0.29% | 13.79 | $ | |
| BCC | -1.66% | 73.05 | $ | |
| VOD | -1.31% | 12.47 | $ | |
| BCE | 1.4% | 23.55 | $ | |
| RYCEF | -0.34% | 14.62 | $ |
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
M.O.Allen--AT
