Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Shiffrin wins Levi slalom for 98th World Cup victory
-
Israel pummels south Beirut as Lebanon mulls truce plan
-
Religious Jews comfort hostages' families in Tel Aviv
-
German Greens' Robert Habeck to lead bruised party into elections
-
Johnson bags five as Australia beat Pakistan to seal T20 series
-
Zelensky says wants to end war by diplomacy next year
-
Rugby Union: Wales v Australia - three talking points
-
10 newborns killed in India hospital fire
-
Veteran Le Cam leads Vendee Globe as Sorel is first to quit
-
Bagnaia on pole for Barcelona MotoGP, Martin fourth
-
UN climate chief urges G20 to spur tense COP29 negotiations
-
Rauf takes four as Pakistan hold Australia to 147-9 in 2nd T20
-
World not listening to us, laments Kenyan climate scientist at COP29
-
Philippines warns of 'potentially catastrophic' Super Typhoon Man-yi
-
Wales take on Australia desperate for victory to avoid unwanted record
-
Tyson beaten by Youtuber Paul in heavyweight return
-
Taylor holds off bloodied Serrano to retain undisputed crown
-
Japan PM expresses concern to Xi over South China Sea situation
-
Tens of thousands flee as Super Typhoon Man-yi nears Philippines
-
Hoilett gives Canada win in Suriname as Mexico lose to Honduras
-
Davis, James spark Lakers over Spurs while Cavs stay perfect
-
Mushroom houses for Gaza? Arab designers offer home-grown innovations
-
Gabon votes on new constitution hailed by junta as 'turning point'
-
Young Libyans gear up for their first ever election
-
Vice tightens around remaining civilians in eastern Ukraine
-
Dutch coalition survives political turmoil after minister's resignation
-
Uruguay end winless run with dramatic late win over Colombia
-
Max potential: 10 years since a teenage Verstappen wowed in Macau
-
Tens of thousands flee as Typhoon Man-yi nears Philippines
-
Is Argentina's Milei on brink of leaving Paris climate accord?
-
Big Bang: Trump and Musk could redefine US space strategy
-
Revolution over but more protests than ever in Bangladesh
-
Minister resigns but Dutch coalition remains in place
-
Ireland won 'ugly', says relieved Farrell
-
Stirring 'haka' dance disrupts New Zealand's parliament
-
England's Hull grabs lead over No.1 Korda at LPGA Annika
-
Kosovo players walk off in Romania after 'Serbia' chants, game abandoned
-
Kosovo players walk off in Romania game after 'Serbia' chants
-
Lame-duck Biden tries to reassure allies as Trump looms
-
Nervy Irish edge Argentina in Test nailbiter
-
Ronaldo at double as Portugal reach Nations League quarters, Spain win
-
Fitch upgrades Argentina debt rating amid economic pain
-
Trump picks Doug Burgum as energy czar in new administration
-
Phone documentary details struggles of Afghan women under Taliban
-
Ronaldo shines as Portugal rout Poland to reach Nations League last-eight
-
Spain beat Denmark to seal Nations League group win
-
Former AFCON champions Ghana bow out as minnows Comoros qualify
-
Poland, Britain reach BJK Cup quarter-finals
-
At summit under Trump shadow, Xi and Biden signal turbulence ahead
-
Lebanon said studying US truce plan for Israel-Hezbollah war
NYSE - LSE
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
M.O.Allen--AT
