Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Hungry Sabalenka ready for more Slam success
-
Mass jailbreak in Mozambique amid post-election unrest
-
Bridges outduels Wembanyama as Knicks beat Spurs
-
2004 Indian Ocean tsunami: what to know 20 years on
-
Asia to mourn tsunami dead with ceremonies 20 years on
-
Syrians protest after video of attack on Alawite shrine
-
Russian state owner says cargo ship blast was 'terrorist attack'
-
Crisis-hit Valencia hire West Brom's Corberan as new boss
-
Suriname ex-dictator and fugitive Desi Bouterse dead at 79
-
Syria authorities say torched 1 million captagon pills
-
Pope calls for 'arms to be silenced' across world
-
32 survivors as Azerbaijani jet crashes in Kazakhstan
-
Pakistan air strikes kill 46 in Afghanistan, Kabul says
-
Liverpool host Foxes, Arsenal prepare for life without Saka
-
Zelensky condemns Russian 'inhumane' Christmas attack on energy grid
-
Sweeping Vietnam internet law comes into force
-
Pope kicks off Christmas under shadow of war
-
Catholics hold muted Christmas mass in Indonesia's Sharia stronghold
-
Japan's top diplomat in China to address 'challenges'
-
Thousands attend Christmas charity dinner in Buenos Aires
-
Demand for Japanese content booms post 'Shogun'
-
As India's Bollywood shifts, stars and snappers click
-
Mystery drones won't interfere with Santa's work: US tracker
-
Djokovic eyes more Slam glory as Swiatek returns under doping cloud
-
Australia's in-form Head confirmed fit for Boxing Day Test
-
Brazilian midfielder Oscar returns to Sao Paulo
-
'Wemby' and 'Ant-Man' to make NBA Christmas debuts
-
US agency focused on foreign disinformation shuts down
-
On Christmas Eve, Pope Francis launches holy Jubilee year
-
'Like a dream': AFP photographer's return to Syria
-
Chiefs seek top seed in holiday test for playoff-bound NFL teams
-
Panamanians protest 'public enemy' Trump's canal threat
-
Cyclone death toll in Mayotte rises to 39
-
Ecuador vice president says Noboa seeking her 'banishment'
-
Leicester boss Van Nistelrooy aware of 'bigger picture' as Liverpool await
-
Syria authorities say armed groups have agreed to disband
-
Maresca expects Man City to be in title hunt as he downplays Chelsea's chancs
-
South Africa opt for all-pace attack against Pakistan
-
Guardiola adamant Man City slump not all about Haaland
-
Global stocks mostly higher in thin pre-Christmas trade
-
Bethlehem marks sombre Christmas under shadow of war
-
11 killed in blast at Turkey explosives plant
-
Indonesia considers parole for ex-terror chiefs: official
-
Postecoglou says Spurs 'need to reinforce' in transfer window
-
Le Pen says days of new French govt numbered
-
Villa boss Emery set for 'very difficult' clash with Newcastle
-
Investors swoop in to save German flying taxi startup
-
How Finnish youth learn to spot disinformation
-
12 killed in blast at Turkey explosives plant
-
Panama leaders past and present reject Trump's threat of Canal takeover
NYSE - LSE
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
V.Fontes--PC
