Energy News
CYBER WARS
 Philippines health insurer hacked: What we know
Philippines health insurer hacked: What we know
 By Pam Castro, with Qasim Nauman in Seoul
 Manila (AFP) Oct 9, 2023

Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.

The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.

Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:

What did the hackers steal?

PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.

As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.

PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.

Separately, employee information was also stolen from the targeted computers.

The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.

An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".

Who are the hackers, and what do they want?

The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.

MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.

The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.

It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.

How did they get the data?

On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.

The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.

The government has so far not said exactly how hackers got access to the computers.

But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.

How has the government responded?

With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.

However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.

The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.

The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.

Related Links
 Cyberwar - Internet Security News - Systems and Policy Issues

Subscribe Free To Our Daily Newsletters
Tweet

RELATED CONTENT
The following news reports may link to other Space Media Network websites.
CYBER WARS
Vietnam linked to spy campaign using EU-made malware
 Paris (AFP) Oct 9, 2023
 Vietnamese agents may be behind a global spyware campaign targeting officials, civil society and journalists around the world using EU-made malware, Amnesty International said Monday. The NGO detailed in a report how a Vietnam-linked account on Twitter, now X, tried to infect the phones of dozens of people and institutions - including overseas Vietnamese journalists, EU and US officials and Taiwanese President Tsai Ing-wen - with malware called Predator. Amnesty has worked with media outlets a ... read more
CYBER WARS
Hawaii gets $8M for new space tech to measure Earth's chemical composition

 Ozone hole goes large again

 NASA selects Umbra for their CSDA Program

 EU agrees to eliminate climate warming 'F-gases' by 2050
CYBER WARS
Trimble and Kyivstar to provide GNSS correction services in Ukraine

 Galileo becomes faster for every user

 Present and future of satellite navigation

 New Galileo station goes on duty
CYBER WARS
Deforestation down in Brazil's Amazon

 Carbon-capture tree plantations threaten tropical biodiversity for little gain

 Is planting trees to combat climate change 'complete nonsense'?

 Brazil Senate approves bill restricting Indigenous land rights
CYBER WARS
Lightning strike hits UK biogas facility

 Aston University research pioneers making renewable hydrogen and propane fuel gases from glycerol

 Is there more to palm oil than deforestation?

 Making aviation fuel from biomass
CYBER WARS
URW to go solar to cut carbon at retail complexes

 Cost effective perovskite cells with a structured anti-reflective layer

 Sunny Albania turns to solar power to fuel development

 India must rapidly scale solar to reach renewable targets: study
CYBER WARS
Harvesting wind energy in small countries with low wind speed and limited

How wind turbines react to turbulence

 Work starts on key German wind power energy line

 No offshore wind in latest UK green energy auction
CYBER WARS
Australian environmental group fails to stop coal mine approvals

 Can a $20 billion bet wean Indonesia off coal?

 At least 16 killed in coal mine fire in SW China

 Major Indonesia coal plant back near capacity despite pollution concerns
CYBER WARS
Ex-boss of China banking giant arrested for taking bribes

 Bankrupt Sri Lanka gets China agreement on debt restructure

 Ex-boss of China state-owned banking giant kicked out of ruling CCP

 US police kill driver who crashed into Chinese consulate
Subscribe Free To Our Daily Newsletters




The content herein, unless otherwise known to be public domain, are Copyright 1995-2024 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. All articles labeled "by Staff Writers" include reports supplied to Space Media Network by industry news wires, PR agencies, corporate press officers and the like. Such articles are individually curated and edited by Space Media Network staff on the basis of the report's information value to our industry and professional readership. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. General Data Protection Regulation (GDPR) Statement Our advertisers use various cookies and the like to deliver the best ad banner available at one time. All network advertising suppliers have GDPR policies (Legitimate Interest) that conform with EU regulations for data collection. By using our websites you consent to cookie based advertising. If you do not agree with this then you must stop using the websites from May 25, 2018. Privacy Statement. Additional information can be found here at About Us.