- Military escalation not in Israel's 'best interest': White House
- Marxist leader declared Sri Lanka's president-elect
- Classes resume at Bangladesh university at heart of protests
- 'Barely anyone left': Sudan's El-Fasher devastated by fighting
- 'Warrior' Joshua vows to fight on despite Dubois mauling
- Martin extends MotoGP lead as Bastianini wins at Misano and Bagnaia crashes out
- New French government instantly under pressure on multiple fronts
- Australia's Brown adds world title to Olympic time trial gold
- Russian strike on Ukraine's Kharkiv wounds 21
- UK's Starmer rules out austerity as Labour conference opens
- Swiss voters reject environment, pensions reforms: projected results
- Israel says 'landed blows' on Hezbollah as Lebanon violence intensifies
- Roma CEO steps down amid anger over club icon De Rossi's sacking
- Incoming French government under pressure on multiple fronts
- Hezbollah rockets strike near Israel's Haifa as UN warns of 'catastrophe'
- Haddad Maia roars back to beat Kasatkina in Korea Open final
- All-rounder Ashwin powers India to 280-run Test win over Bangladesh
- Failed Springbok 'gamble' sets up rugby championship decider
- Lebanon strikes send Israelis to shelters as UN warns of 'catastrophe'
- Far-right AfD eyes new win in east German state vote
- Tony Popovic set to become new Socceroos coach - reports
- All-round Ashwin powers India to big Test win over Bangladesh
- NZ chase 275 to win first Sri Lanka Test after Patel bags six
- Ashwin bags six wickets as India hammer Bangladesh in first Test
- Nascent French government under pressure on multiple fronts
- Angry French cognac makers see red over Chinese tariffs threat
- Protect the prosciutto: Italy battles swine fever
- UN holds 'Summit of the Future' to tackle global crises
- Marxist leader set to become Sri Lanka's next president
- From blades to pull-up bars: UK charity tackles knife crime
- Swiss vote on pensions and environment protections
- No pain, no gain: Chinese pro wrestlers fight for recognition
- UAE leader seeks to deepen 'strategic' ties in US visit during Mideast crisis
- Hezbollah takes heavy hits but still fighting Israel
- Floods, landslides hit central Japan months after major quake
- All Blacks coach Robertson demands better finishing
- Argentina edge South Africa to keep title hopes alive
- Biden says China 'testing us,' in hot mic remarks to Quad allies
- Dubois destroys Joshua to retain IBF world heavyweight crown
- Guardiola says critics want Man City wiped 'from face of the Earth'
- Biden says 'Quad' is 'here to stay' despite challenges
- Dubois knocks out Joshua to retain IBF world heavyweight crown
- Vinicius helps 'faster' Madrid overturn stubborn Espanyol
- Zelensky to press US on long-range missile strikes inside Russia
- PSG drop first points in draw at Reims
- Vinicius, Mbappe on target as Madrid crush plucky Espanyol
- Jeeno leads Ko by two at LPGA Queen City Championship
- Bottega Veneta goes for 'E.T.' chic as Madonna pops into D&G
- Messi, Miami frustrated by New York late leveler
- Musk's X platform takes first step toward lifting Brazil ban
Philippines health insurer hacked: What we know
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.
The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.
Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:
What did the hackers steal?
PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.
As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.
PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.
Separately, employee information was also stolen from the targeted computers.
The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.
An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".
Who are the hackers, and what do they want?
The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.
MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.
The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.
It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.
How did they get the data?
On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.
The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.
The government has so far not said exactly how hackers got access to the computers.
But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.
How has the government responded?
With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.
However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.
The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.
The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
T.Ward--AMWN