Six out of eight PhilHealth external systems running after ransomware attack | ABS-CBN

Welcome, Kapamilya! We use cookies to improve your browsing experience. Continuing to use this site means you agree to our use of cookies. Tell me more!
Six out of eight PhilHealth external systems running after ransomware attack
Six out of eight PhilHealth external systems running after ransomware attack
Joyce Balancio,
ABS-CBN News
Published Oct 05, 2023 06:16 PM PHT

MANILA — Six out of eight external systems of the Philippine Health Insurance Corporation (PhilHealth) that had been affected by a Medusa Ransomware attack were up and running on Thursday, the agency’s spokesperson said.
MANILA — Six out of eight external systems of the Philippine Health Insurance Corporation (PhilHealth) that had been affected by a Medusa Ransomware attack were up and running on Thursday, the agency’s spokesperson said.
Dr. Israel Francis Pargas said these include the website, members portal, e-claims portal, electronic premium remittance system, and the electronic PhilHealth acknowledgement receipt.
Dr. Israel Francis Pargas said these include the website, members portal, e-claims portal, electronic premium remittance system, and the electronic PhilHealth acknowledgement receipt.
“Soon po tonight, we are hoping na mai-out na rin po natin iyong dalawa pang natitirang system natin. So for the external system, hopefully 8/8 na po na gumagana ang ating systems. So, we are up and about na po by tomorrow [Friday],” Pargas told ABS-CBN News.
“Soon po tonight, we are hoping na mai-out na rin po natin iyong dalawa pang natitirang system natin. So for the external system, hopefully 8/8 na po na gumagana ang ating systems. So, we are up and about na po by tomorrow [Friday],” Pargas told ABS-CBN News.
“For our internal systems, we are just checking and scanning all our computers and all our systems before po natin i-up just to make sure na lahat po ay free of all these viruses and para po ay ma-contain din po natin ang lahat, kung ano mang attack ang mayroon. But soon, hopefully by next week, all our internal systems are up and ongoing,” he added.
“For our internal systems, we are just checking and scanning all our computers and all our systems before po natin i-up just to make sure na lahat po ay free of all these viruses and para po ay ma-contain din po natin ang lahat, kung ano mang attack ang mayroon. But soon, hopefully by next week, all our internal systems are up and ongoing,” he added.
ADVERTISEMENT
PhilHealth admitted that it does not disregard the possibility that hackers could have gained access to membership data and records.
PhilHealth admitted that it does not disregard the possibility that hackers could have gained access to membership data and records.
From what has been posted online by the hackers, Pargas noted that most of these documents came from the work stations of PhilHealth employees, some of whom have access to the members' database.
From what has been posted online by the hackers, Pargas noted that most of these documents came from the work stations of PhilHealth employees, some of whom have access to the members' database.
“Mayroon po [access] because the 96 work stations, iba-iba. Mayroong nasa records station, mayroong nasa processing station, mayroong nasa clerk. Ang mga empleyado po natin have different access, depende po sa kanilang trabaho, depende po sa ibinibigay na access,” Pargas said.
“Mayroon po [access] because the 96 work stations, iba-iba. Mayroong nasa records station, mayroong nasa processing station, mayroong nasa clerk. Ang mga empleyado po natin have different access, depende po sa kanilang trabaho, depende po sa ibinibigay na access,” Pargas said.
The ABS-CBN Investigative and Research team summarized the contents of a 44 -minute video posted by hackers on the alleged data and information that were taken from the state insurer’s system.
The ABS-CBN Investigative and Research team summarized the contents of a 44 -minute video posted by hackers on the alleged data and information that were taken from the state insurer’s system.
These include the following:
These include the following:
ADVERTISEMENT
• Folder and file names that contain the words “ID”, “plan”, “fin”, and “2023"
• Folder and file names that contain the words “ID”, “plan”, “fin”, and “2023"
• Rows of more than 7,000 photo IDs
• Rows of more than 7,000 photo IDs
• Scanned and photographed IDs, such as PhilHealth company IDs, passports, SSS IDs, and senior citizen’s IDs
• Scanned and photographed IDs, such as PhilHealth company IDs, passports, SSS IDs, and senior citizen’s IDs
• Scanned and photographed copies of IDs and bank cards of three people
• Scanned and photographed copies of IDs and bank cards of three people
• Various receipts, such as payment for car insurance addressed to PhilHealth and contributions of informal sectors ranging from P1,000 to P5,000
• Various receipts, such as payment for car insurance addressed to PhilHealth and contributions of informal sectors ranging from P1,000 to P5,000
ADVERTISEMENT
• PhilHealth administrative files, such as a master list of PhilHealth employee voters in 2004, minutes of the meeting, decisions of the PhilHealth Arbitration Office, and an affidavit of a PhilHealth employee
• PhilHealth administrative files, such as a master list of PhilHealth employee voters in 2004, minutes of the meeting, decisions of the PhilHealth Arbitration Office, and an affidavit of a PhilHealth employee
• PhilHealth financial files, such as procurement and expenditure data, cash reports, corporate operating budgets, a billing statement, and an authorization letter to debit money to a LandBank account
• PhilHealth financial files, such as procurement and expenditure data, cash reports, corporate operating budgets, a billing statement, and an authorization letter to debit money to a LandBank account
• Information in some of the administrative and financial files, including employees’ names
• Information in some of the administrative and financial files, including employees’ names
• Copies of department orders, such as PhilHealth Corporation Order Nos. 2023-0010 and 2023-0037, a PhilHealth memorandum order, and Anti-Red Tape Authority Memorandum Circular No. 2022-05
• Copies of department orders, such as PhilHealth Corporation Order Nos. 2023-0010 and 2023-0037, a PhilHealth memorandum order, and Anti-Red Tape Authority Memorandum Circular No. 2022-05
PhilHealth said the leaked internal documents would not affect the overall operations of the agency, but might cause “controversy” especially pertaining to records of cases against hospitals and specific medical practitioners.
PhilHealth said the leaked internal documents would not affect the overall operations of the agency, but might cause “controversy” especially pertaining to records of cases against hospitals and specific medical practitioners.
ADVERTISEMENT
“Pwede siya mapag-usapan, iyong mga hospital or pwede mapag-usapan iyong mga doktor na maaaring nakasuhan ng Philhealth kung iyon ang mga data na nandoon,” Pargas said.
“Pwede siya mapag-usapan, iyong mga hospital or pwede mapag-usapan iyong mga doktor na maaaring nakasuhan ng Philhealth kung iyon ang mga data na nandoon,” Pargas said.
“Iyon po pong personal identifiable information ng members natin or ating empleyado ay pwede magamit for identity theft and pwede magamit siya sa pagbubukas ng accounts o paggamit ng credit cards na pwede pandaraya ang mangyayari,” he added.
“Iyon po pong personal identifiable information ng members natin or ating empleyado ay pwede magamit for identity theft and pwede magamit siya sa pagbubukas ng accounts o paggamit ng credit cards na pwede pandaraya ang mangyayari,” he added.
Pargas assured the public that the agency was taking measures to improve its systems, such as procuring additional layers of cybersecurity, among others.
Pargas assured the public that the agency was taking measures to improve its systems, such as procuring additional layers of cybersecurity, among others.
ADVERTISEMENT
ADVERTISEMENT