- Joined
- Feb 22, 2015
- Posts
- 14,591
- Solutions
- 2,186
- Reaction
- 25,968
- Points
- 8,274
๐๐๐๐ฎ๐ฌ๐ ๐๐๐๐ค๐๐ซ๐ฌ ๐๐๐ฅ๐๐๐ฌ๐ ๐๐ญ๐จ๐ฅ๐๐ง ๐๐ก๐ข๐ฅ๐๐๐๐ฅ๐ญ๐ก ๐๐๐ญ๐
The state health insurer โdid not subscribe to anti-virus and security software since May, thatโs why they were hรครงked,โ Sen. Grace Poe said. โI donโt think it is really an excuse for any government agency not to have security in their databases.โ
๐ป๐๐๐๐๐๐ โ๐๐ฃ๐ ๐ ๐ก๐๐๐ก๐๐ ๐๐ฅ๐๐๐ ๐๐๐ ๐ ๐๐๐ ๐๐ ๐กโ๐ ๐๐๐ก๐ ๐๐๐ก๐๐๐๐ฃ๐๐ ๐๐๐๐ ๐๐๐๐ ๐๐๐ค๐๐๐ ๐๐ก๐ก๐๐๐ ๐๐๐๐๐๐ ๐ก ๐กโ๐ ๐โ๐๐๐๐๐๐๐๐ ๐ป๐๐๐๐กโ ๐ผ๐๐ ๐ข๐๐๐๐๐ ๐ถ๐๐๐. ๐๐๐ก๐๐ ๐ ๐๐๐๐ ๐๐ ๐๐ $300,000 ๐ก๐ ๐ข๐๐๐๐๐ ๐กโ๐ ๐๐๐ก๐ ๐ค๐๐ ๐๐๐ก ๐๐๐๐.
Filipinos should brace for a barrage of online scams in the coming days after hรครงkers who stole data from state-run Philippine Health Insurance Corp. (PhilHealth) have leaked membersโ information to online โ and possibly criminal โ groups.
Reports coming from dark web informants showed that documents stolen from PhilHealth were publicized in online marketplaces like Telegram starting Thursday, Oct. 5.
Deep Web Konek, a group dedicated to publishing activities in the dark web, shared a screenshot showing large packets of files containing alleged information on PhilHealth members.
As such, the group warned that PhilHealth members should be vigilant in the coming days. Data uploaded on the dark web are usually exploited by criminal groups involved in digital fraud ranging from messaging scams to identity theft.
Another report indicated that PhilHealth files in online marketplaces contain documents compressed in 160 folders. In total, these files amount to 600 GB of data.
๐ง๐ต๐ฒ ๐ฃ๐ต๐ถ๐น๐ถ๐ฝ๐ฝ๐ถ๐ป๐ฒ ๐ฆ๐ง๐๐ฅ reached out to the Department of Information and Communications Technology (DICT) for comment, but received no response.
Earlier, PhilHealth admitted that it has yet to determine the number of records taken by Medusa, but expressed belief that sensitive information were included in the ransomware attack.
These data include name, address, birthday, ***, mobile number and identification number.
PhilHealth has committed to notify members whose personal information was deemed compromised. The state-run insurer also asked contributors to take precautions right away, including monitoring their credit reports for unauthorized activities.
PhilHealth also said members should place a fraud alert on their credit reports. Contributors are also advised to change their passwords in all digital accounts, particularly in financial platforms, and keep an eye on phishing emails and smishing texts.
In a text message to reporters, the National Privacy Commission (NPC) said it is looking into the liability of PhilHealth in the data breach.
โAs for PhilHealthโs liability, we are currently assessing whether negligence was involved on its part before making any definitive statements, but in addition to negligence we are also looking if there is concealment and possible imposition of administrative fines,โ the NPC said.
๐ฐ๐๐๐๐๐๐๐๐๐๐ ๐๐ ๐ญ๐๐๐๐๐ ๐ณ๐๐๐๐๐๐
While the Senate has not yet initiated an investigation on the hรครงking of PhilHealth, officials of the state-run insurer should be made to explain the cyber security breach when they defend before lawmakers their proposed budget for 2024, Sen. Grace Poe said on Thursday.
Although Congress is on recess, several Senate subcommittees continue to conduct hearings on the 2024 proposed budgets of various government agencies.
โEven if it is not investigated (by the Senate), I think it is necessary that we ask the hรครงking incident during the budget hearing,โ Poe said during the โKapihan sa Manila Bayโ forum on Wednesday, Oct. 4.
Cyberhรครงkers demanded $300,000 or approximately P16 million after the Medusa ransomware infected the systems of PhilHealth on Sept. 22, according to the DICT.
Poe cited reports that the hรครงkers may have taken advantage of the expiration of PhilHealthโs anti-virus security software last May to carry out their plan.
โThey did not subscribe to anti-virus and security software since May, thatโs why they were hรครงked. I donโt think it is really an excuse for any government agency not to have security in their databases,โ she said.
Poe said that even if PhilHealth did not have enough budget for a cyber security software, its officials should have used their revolving funds, or emergency procurement, which is allowed under the law. She said that unlike in the past, hiring of IT experts has now become necessary.
โOne of the bills that I filed is that as part of the E-government Act with the digitalization of government agencies into one portal, all important agencies, government and critical establishments of private sector like media, telcos, etc. should have cyber security employees on duty all the time to thwart or address cyber attacks.โ
Poe said agencies should have IT experts handling cyber security plan to ensure at least minimum IT compliance with cyber security regulations.
โWhy was it (cyber security subscription) not prioritized? They let it lapse and didnโt pay the subscription. I am sure they have an IT manager there. They should be summoned, their database was not affected, but other information were stolen,โ Poe said.
Sen. Bong Go, for his part, has reiterated his call for PhilHealth as well as other government agencies to bolster their cybersecurity defenses.
Go said the protection of data and the continuity of services, especially for the underprivileged, should be of utmost priority.
โFirst of all, we should not be complacent. Every detail of information is important and every second of delay in services can spell big problem for our countrymen in need,โ Go said.
Go, chairman of the committee on health, urged PhilHealth to take immediate and stringent measures.
โWe should have preventive measures so this kind of incident wonโt be repeated. We must strengthen our cybersecurity,โ he said.
The senator also stressed the importance of ensuring that PhilHealthโs services remain uninterrupted, especially for the poor.
โItโs not only PhilHealth thatโs in danger here, but its members as well,โ he said. He explained any investigation would need much input from the DICT and the National Privacy Commission (NPC).
โ๐๐จ๐ฅ๐ ๐๐ก๐ข๐ฅ๐๐๐๐ฅ๐ญ๐ก ๐๐๐๐จ๐ฎ๐ง๐ญ๐๐๐ฅ๐โ
Meanwhile, information and communications technology professionals have urged the government to hold the PhilHealth accountable for the cyber attack on its system.
The Computer Professionalsโ Union (CPU) said the recent statements of PhilHealth and DICT highlighted the governmentโs lack of initiative to protect and secure sensitive and personal information.
โThe fact that PhilHealth and the DICT initially downplayed the severity of the Medusa ransomware breach on its systems, especially its impacts on the people, speaks volumes about how the government treats peopleโs personally-identifiable information,โ the group said in a statement.
โNow PhilHealth is stating that โonlyโ employeesโ personal information have been affected, although it admitted that it is possible that the breached computers could also have information on PhilHealthโs members, which as of 2021 numbering 94 million or more than 80 percent of the countryโs population,โ the group said.
PhilHealth officials initially downplayed the breach by saying its main servers were secure after the attack.
One report also quoted an official as saying that the threat to release stolen information was only a bluff.
The DICT later confirmed that some information, primarily those on employees, were compromised in the incident.
PhilHealth issued a public advisory hours before the deadline set by the hรครงkers expired.
The CPU said the PhilHealth data breach is just the latest in a series of incidents that highlight governmentโs ineptitude in handling peopleโs personal information.
It recalled the leak of information on police applicants and members early this year as well as the so-called โComeleakโ in 2016.
๐ญ๐๐๐๐๐๐ ๐ฌ๐๐๐๐
Infrawatch PH decried PhilHealthโs belated move to alert the public and demanded that it cooperate with investigators.
โThis critical issue demands immediate and transparent action from all parties involved. No urgent public notices can replace comprehensive action,โ said Terry Ridon, Infrawatch PH convenor and former party-list congressman.
โThe notice from PhilHealth is insufficient. It leaves the public in the dark about the full extent of the breach and fails to outline a clear action plan for resolving the issue,โ Ridon said.
โAttributing the failure to renew antivirus software to new government procurement rules is not just an excuse; itโs a dereliction of duty,โ Ridon said.
โThe PhilHealth breach raises serious questions about the security of other government databases. If a database as extensive as PhilHealthโs can be compromised, it casts doubt on the security measures in place for other government systems,โ Ridon pointed out.
Data protection groups have offered to help PhilHealth ease the impact of the cyber attack.
The National Association of Data Protection Officers of the Philippines (NADPOP) and the Philippine Computer Emergency Response Team (PH-CERT) made the offer in a joint statement.
โIf PhilHealth needs unbiased third-party support, we have volunteers who are ready to assist in digital forensics and in the data management breach of the agency,โ the groups said.
NADPOP and PH-CERT said they are bringing to the table a third-party perspective on the matter, and that they are willing to coordinate with the DICT and the NPC, which are investigating the data breach.
PH-CERT president Angel Averia Jr. said it is safe to assume that PhilHealth has compromised sensitive data and left them exposed to criminal groups.
NADPOP president Sam Jacoba warned that the PhilHealth data leak could be worse than the one that hit the Commission on Elections in 2016.
Jacoba said all workers are enrolled in PhilHealth as mandated under Republic Act No. 11223 or the Universal Health Care Act, unlike in Comelec, which only has data on registered voters.
As of 2022, PhilHealth maintains a network of 59.03 million members made up of 35.31 million direct contributors and 23.72 million indirect contributors.
Preliminary investigation from the NPC showed that the ransomware attack exposed the IDs and photos of some PhilHealth members.
PhilHealth admitted as well that the data breach has leaked the mobile numbers of affected contributors.
๐ฆ๐ข๐จ๐ฅ๐๐: You do not have permission to view the full content of this post. Log in or register now.
Last edited:
