Philippines' state health insurer reportedly had no cyber protection, according to Bloomberg. This paved the way for hackers to exploit and access Filipinos' millions of data. Leaking it to various websites.
The same report states that the Philippine Health Insurance Corp. has since then notified its over 36 million members, or roughly a third of the country's population, that their data may have been exposed, though the entire extent of the breach is still unknown.
The start of the attack was reportedly on September 22, wherein staff members turned on their computers, including those needed for processing records.
Bloomberg interviewed Israel Pargas, senior vice president for the health finance policy sector, where he stated that computer screens flashed a message with the Medusa group claiming responsibility for the attack and demanding $300,000 in exchange for the erasure of the agency's files.
Around 96 computers, or approximately 10% of the agency's machines at its Manila, Metro Manila, headquarters, were impacted, he claimed.
Lacking Cyber Protection
Philhealth reportedly had its cyber protection services expire last May and has failed to renew due to revised procurement policies within its organization; only after the hacking incident did the organization contact a cyber protection provider by accepting a 30-day trial.
Pargas, however, noted that "other tools" have also been secured by the organization to monitor future cyberattacks and pursue further cyber security improvements that will be obtained in the future.
The incident is the latest in a string of cyberattacks against Philippine government institutions that have drawn attention to its significant degree of defenselessness against cyber security attacks. This has prompted investigations and concerns from government agencies and various groups.
Philippines' National Privacy Commission has since launched an investigation to hold responsible officials accountable and comprehensively understand the full extent of the data breach.
Leaked Data from Hackers
Rappler reported that both member and employee data have already been leaked on various accessible websites and applications like Telegram last October 5. Roughly 600 gigabytes worth of data and files have been leaked.
An overview of the leaked data includes name, address, birthday, sex, mobile number, and identification number, according to Philstar. The leaked data may lead to a barrage of online scams ranging from messaging scams to identity theft.
The state-run insurance company has announced various ways to prevent or mitigate the damages by stating that members whose personal information was deemed to be compromised will be notified, according to Philstar.
The government-run insurer also advised contributors to take immediate steps, including checking their credit records for any suspicious activity.
Members should add a fraud warning to their credit reports, according to PhilHealth. In addition, contributors are recommended to watch out for phishing emails and smishing SMS and to update the passwords on all of their digital accounts, especially financial ones.
If the Medusa organization was behind the attack or whether another party utilized the Medusa ransomware, Bloomberg states that they were unable to independently confirm it. Furthermore, it's not immediately clear how the hackers got past PhilHealth's computer systems' protection.