The Philippine Health Insurance Corporation (PhilHealth) said that all of their transactions were done over the counter due to a cyberattack over the weekend.

“Sa ngayon kasi we temporarily shut down all of the systems to make sure ma-reconfigure natin lahat ng systems na naapektuhan,” PhilHealth Senior Vice President for Health Finance Policy Israel Francis Pargas told CNN Philippines in an interview.

“Sa halip na merong sistema na ginagamit, babalik muna tayo sa manual operations,” the official added.

Members and their dependents are advised to present a copy of their PhilHealth identification card, member data record, or other supporting documents to access health benefits.

The system temporarily shut down following the cyberattack.

The Department of Information and Communications Technology (DICT) said that the hackers of the the Philippine Health Insurance Corp. system demand for money before they release the data and allow the government to decrypt.

In an interview with the Philippine Star, DICT Undersecretary Jeffrey Dy said cyberhackers have demanded $300,000 or approximately P16 million following the Medusa ransomware infected the state insurer’s system.

“They have already made a demand for $300,000 for them to do two things: One is to delete the data that they captured, and two, is so they would give us the key so we can decrypt the data that they encrypted,” Dy said on Sunday.

The stolen data from PhilHealth has been posted on the dark web according to the DICT official.

“Observed recently since June 2021, the Medusa ransomware is distributed by exploiting publicly exposed Remote Desktop Protocol servers either through brute force attacks, phishing campaigns or by exploiting existing vulnerabilities,” Dy said in an advisory.

“When executed, the Medusa ransomware terminates more than 280 Windows services and processes for programs that could prevent file encryption,” he added.

PhilHealth said that no personal or medical information has been compromised or leaked.

The DICT added that containment measures have been in place should PhilHealth return to its system again.

Staff ReportSeptember 25, 2023

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

PhilHealth goes manual after cyberattack

Courtesy: Robinsons Pavia/Facebook

Staff Report

Courtesy: Robinsons Pavia/Facebook

Staff Report

Related Articles

Huawei unveils a new era of foldable excellence at ‘Unfold the Classic’ launch in Dubai

DOJ urges Duterte to appear before NBI probe

PH, Denmark sign deal to boost healthcare education and employment

Sofronio Vasquez on ‘The Voice’ US win: Dreams do come true