The Philippine Health Insurance Corporation (PhilHealth) has called on the public to refrain from further disseminating illegally obtained data from its system following the cyberattack on September 22.
The state health insurer has stated that hackers have reportedly begun to publicize the leaked data and has urged its members to change their passwords and monitor their online accounts.
In a statement, PhilHealth Chief Emmanuel R. Ledesma, Jr. said: “Using the stolen data, the hackers will likely target members through calls, emails or text messages. Let us then heed the advice of authorities to refrain from clicking doubtful links or providing passwords or OTPs. It is best to ignore suspicious calls, and to delete text or emails instead from unknown and suspicious senders.”
PhilHealth has also requested the public to avoid further circulating the illegally obtained data as it has serious consequences under the law.
According to authorities, hackers may face up to 20 years of imprisonment, while individuals or organizations who download, process, or share such data will likewise be held accountable for unauthorized processing of personal information and may face criminal charges.
“Bilang responsable sa mga impormasyon ng ating mga miyembro, nakahanda po kaming makipagtulungan sa mga imbestigasyon para lalong mapagbuti ang cybersecurity system. Makakaasa po ang publiko na may malaking kabutihang dulot ang pangyayaring ito para maging mas mabuti ang ating serbisyo sa miyembro,” Ledesma said, expressing commitment to face any inquiry regarding the ransomware attack.
