Philippines health insurer hacked: What we know
/ Photo: JAM STA ROSA - AFP
-
Turkey's opposition says Erdogan's canal plan behind latest arrests
-
Maresca hails 'nasty' Chelsea as top five bid stays alive
-
Trump raises Putin doubts after Zelensky talks at pope's funeral
-
Major blast at Iran port kills 4, injures hundreds
-
Napoleon's sword to be sold at auction in Paris
-
Iran, US discuss nuclear deal in third round of talks
-
Buenos Aires farewells native pontiff with call to action
-
Warholm sets hurdles world record at Diamond League, Holloway shocked
-
US students 'race' sperm in reproductive health stunt
-
Wikileaks founder Assange joins crowds for pope funeral
-
Leader Marc Marquez claims Spanish MotoGP sprint victory
-
Celtic win fourth successive Scottish Premiership title
-
Jackson ends drought as Chelsea boost top five push
-
Warholm sets 300m hurdles world record in Diamond League opener
-
Major blast at south Iran port kills 4, injures hundreds
-
Russia says retook Kursk from Ukraine with North Korean help
-
Francis laid to rest as 400,000 mourn pope 'with an open heart'
-
Trump, Zelensky meet on sidelines of pope's funeral
-
'Shared loss': Filipino Catholics bid Pope Francis farewell
-
Families unable to reunite as India-Pakistan border slams shut
-
Major blast at south Iran port injures hundreds
-
Foreign carmakers strive for 'China Speed' to stay in race
-
Pakistan says open to neutral probe into Kashmir attack after India threats
-
Hundreds of thousands at funeral mourn pope 'with an open heart'
-
Quartararo sets Spanish MotoGP record to claim pole
-
Hamas says open to 5-year Gaza truce, one-time hostages release
-
Iran, US hold new round of high-stakes nuclear talks
-
Up at dawn for front-row seat to history at Francis's funeral
-
Pakistan ready to 'defend sovereignty' after India threats
-
Huge crowds flock to Vatican for Pope Francis's funeral
-
Xi says China must 'overcome' AI chip challenges
-
Indian army says new exchange of gunfire with Pakistan
-
Epstein accuser Virginia Giuffre takes own life in Australia: family
-
Hundreds of buildings damaged, dozens injured in 6.3 Ecuador quake
-
India and Pakistan's Kashmir fallout hits economy too
-
Francis's funeral to be grand farewell to 'pope of the poor'
-
Pogacar faces defiant Evenepoel at Liege-Bastogne-Liege
-
Chelsea eye great escape against Barcelona in Women's Champions League
-
Iran, US to hold new round of high-level nuclear talks
-
'Energy and effort' pay off for Reds as Blues' woes continue
-
Albatross and closing birdie lift China's Liu to LPGA Chevron lead
-
On the horizon? Wave of momentum for high seas treaty
-
New to The Street Launches For The Causes(TM) Monthly Awareness Segments: Offering Free National Media to Charities and Organizations
-
Top Mistakes to Avoid When Building Credit History
-
Developing countries should fast-track US trade deals: World Bank president
-
Grizzlies' Morant 'doubtful' for must-win game 4 v Thunder
-
Trump in Rome for pope funeral in first foreign trip of new term
-
Trump says Russia-Ukraine deal 'very close' after new Kremlin talks
-
US rookies lead PGA pairs event with McIlroy and Lowry in hunt
-
Trump tariff promises get a reality check
NYSE - LSE
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
T.Ward--AMWN
