Six out of eight PhilHealth external systems running after ransomware attack | ABS-CBN

ADVERTISEMENT

dpo-dps-seal
Welcome, Kapamilya! We use cookies to improve your browsing experience. Continuing to use this site means you agree to our use of cookies. Tell me more!

Six out of eight PhilHealth external systems running after ransomware attack

Six out of eight PhilHealth external systems running after ransomware attack

Joyce Balancio,

ABS-CBN News

Clipboard

PhilHealth personnel manually process members’ transactions in Quezon City on September 28, following the shutdown of its online system due to a cyberattack. Maria Tan, ABS-CBN News
PhilHealth personnel manually process members’ transactions in Quezon City on September 28, following the shutdown of its online system due to a cyberattack. Maria Tan, ABS-CBN News

MANILA — Six out of eight external systems of the Philippine Health Insurance Corporation (PhilHealth) that had been affected by a Medusa Ransomware attack were up and running on Thursday, the agency’s spokesperson said.

Dr. Israel Francis Pargas said these include the website, members portal, e-claims portal, electronic premium remittance system, and the electronic PhilHealth acknowledgement receipt.

“Soon po tonight, we are hoping na mai-out na rin po natin iyong dalawa pang natitirang system natin. So for the external system, hopefully 8/8 na po na gumagana ang ating systems. So, we are up and about na po by tomorrow [Friday],” Pargas told ABS-CBN News.

“For our internal systems, we are just checking and scanning all our computers and all our systems before po natin i-up just to make sure na lahat po ay free of all these viruses and para po ay ma-contain din po natin ang lahat, kung ano mang attack ang mayroon. But soon, hopefully by next week, all our internal systems are up and ongoing,” he added.

ADVERTISEMENT

PhilHealth admitted that it does not disregard the possibility that hackers could have gained access to membership data and records.

From what has been posted online by the hackers, Pargas noted that most of these documents came from the work stations of PhilHealth employees, some of whom have access to the members' database.

“Mayroon po [access] because the 96 work stations, iba-iba. Mayroong nasa records station, mayroong nasa processing station, mayroong nasa clerk. Ang mga empleyado po natin have different access, depende po sa kanilang trabaho, depende po sa ibinibigay na access,” Pargas said.

Watch more News on iWantTFC

The ABS-CBN Investigative and Research team summarized the contents of a 44 -minute video posted by hackers on the alleged data and information that were taken from the state insurer’s system.

These include the following:

ADVERTISEMENT

• Folder and file names that contain the words “ID”, “plan”, “fin”, and “2023"

• Rows of more than 7,000 photo IDs

• Scanned and photographed IDs, such as PhilHealth company IDs, passports, SSS IDs, and senior citizen’s IDs

• Scanned and photographed copies of IDs and bank cards of three people

• Various receipts, such as payment for car insurance addressed to PhilHealth and contributions of informal sectors ranging from P1,000 to P5,000

ADVERTISEMENT

• PhilHealth administrative files, such as a master list of PhilHealth employee voters in 2004, minutes of the meeting, decisions of the PhilHealth Arbitration Office, and an affidavit of a PhilHealth employee

• PhilHealth financial files, such as procurement and expenditure data, cash reports, corporate operating budgets, a billing statement, and an authorization letter to debit money to a LandBank account

• Information in some of the administrative and financial files, including employees’ names

• Copies of department orders, such as PhilHealth Corporation Order Nos. 2023-0010 and 2023-0037, a PhilHealth memorandum order, and Anti-Red Tape Authority Memorandum Circular No. 2022-05

Watch more News on iWantTFC

PhilHealth said the leaked internal documents would not affect the overall operations of the agency, but might cause “controversy” especially pertaining to records of cases against hospitals and specific medical practitioners.

ADVERTISEMENT

“Pwede siya mapag-usapan, iyong mga hospital or pwede mapag-usapan iyong mga doktor na maaaring nakasuhan ng Philhealth kung iyon ang mga data na nandoon,” Pargas said.

“Iyon po pong personal identifiable information ng members natin or ating empleyado ay pwede magamit for identity theft and pwede magamit siya sa pagbubukas ng accounts o paggamit ng credit cards na pwede pandaraya ang mangyayari,” he added.

Pargas assured the public that the agency was taking measures to improve its systems, such as procuring additional layers of cybersecurity, among others.

ADVERTISEMENT

ADVERTISEMENT

It looks like you’re using an ad blocker

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker on our website.

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker on our website.