Energy News
CYBER WARS
Philippines health insurer hacked: What we know
By Pam Castro, with Qasim Nauman in Seoul
Manila (AFP) Oct 9, 2023
Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.

The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.

Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:

What did the hackers steal?

PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.

As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.

PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.

Separately, employee information was also stolen from the targeted computers.

The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.

An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".

Who are the hackers, and what do they want?

The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.

MedusaLocker, first detected in late 2019, has mainly been used to target healthcare organisations, and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.

The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.

It was not clear if the Medusa group identified by the Philippines government is the creator of MedusaLocker or an entity that purchased it.

How did they get the data?

On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.

The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.

The government has so far not said exactly how hackers got access to the computers.

But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have antivirus software at the time of the attack.

How has the government responded?

With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.

However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.

The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.

The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.
