Following a cyber attack over the weekend, the Philippine Health Insurance Corporation (PhilHealth) has reassured its membership of over 100 million citizens that the issue has been contained.
The state health insurer has put in place temporary measures to ensure uninterrupted services while assuring a resolution to the breach in its computer systems by Monday, an Inquirer report noted.
PhilHealth has disabled or disconnected access to all its systems, including the website, portals or online links for healthcare institutions and members, and e-claims, as part of “information security containment measures” since the breach was detected early on Friday.
“We are working to restore these systems on Monday, September 25,” PhilHealth president and CEO Emmanuel Ledesma Jr said. “The incident is under control and no personal information and medical information has been compromised or leaked.”
However, Lesdesma refrained from commenting on reports that the incident was a ransomware attack orchestrated by a black hat group called Medusa, which demanded a ransom for the decryption key enabling the health agency to regain possession of its members' personal data.
The Department of Information and Communications Technology (DICT) said that hackers have asked for US$300,000 (PHP16 million) as ransom.
“They have already made a demand for $300,000 for them to do two things: One is to delete the data that they captured, and two, is so they would give us the key so we can decrypt the data that they encrypted,” DICT Undersecretary Jeffrey Ian Dy said in a separate report.
In the interim, PhilHealth has advised members and dependents to access their benefits by providing accredited healthcare providers with a photocopy of their PhilHealth identification card or member data record, along with other supporting documents.
Additionally, it urged employers to submit their reports once the electronic premium remittance system is restored.
What are your thoughts on this story? Please feel free to share your comments below.