PhilHealth members urged to update online credentials amid data breach | ABS-CBN
Welcome, Kapamilya! We use cookies to improve your browsing experience. Continuing to use this site means you agree to our use of cookies. Tell me more!
PhilHealth members urged to update online credentials amid data breach
PhilHealth members urged to update online credentials amid data breach
ABS-CBN News
Published Oct 07, 2023 08:43 PM PHT
The National Bureau of Investigation (NBI) has advised members of Philippine Health Insurance Corporation (PhilHealth) to immediately update their online credentials following a data breach that hit the state insurer.
The National Bureau of Investigation (NBI) has advised members of Philippine Health Insurance Corporation (PhilHealth) to immediately update their online credentials following a data breach that hit the state insurer.
NBI Cybercrime Division Chief Jeremy Lotoc said in a statement Saturday that the exposed personal data might be used by cybercriminals in creating fictitious e-wallet accounts, online bank accounts, social media-messaging accounts to facilitate fraudulent transactions.
NBI Cybercrime Division Chief Jeremy Lotoc said in a statement Saturday that the exposed personal data might be used by cybercriminals in creating fictitious e-wallet accounts, online bank accounts, social media-messaging accounts to facilitate fraudulent transactions.
He said PhilHealth members should update their accounts and change their passwords, email addresses, cell phone numbers, and other details that they have submitted to avoid falling victim to "credential stuffing attack," one of the most common techniques used to take-over user accounts.
He said PhilHealth members should update their accounts and change their passwords, email addresses, cell phone numbers, and other details that they have submitted to avoid falling victim to "credential stuffing attack," one of the most common techniques used to take-over user accounts.
Lotoc also warned that the uploaded PhilHealth data may also contain malicious payloads which could infect computer systems and cause additional harm to the victims.
Lotoc also warned that the uploaded PhilHealth data may also contain malicious payloads which could infect computer systems and cause additional harm to the victims.
ADVERTISEMENT
Likewise, downloading the stolen data without any authority may have legal implications under the Data Privacy Act.
Likewise, downloading the stolen data without any authority may have legal implications under the Data Privacy Act.
The National Privacy Commission has launched a deeper investigation into the data breach that hit PhilHealth after initial analysis found that it involved 734GB of data, an amount that it described as staggering.
The National Privacy Commission has launched a deeper investigation into the data breach that hit PhilHealth after initial analysis found that it involved 734GB of data, an amount that it described as staggering.
It said that the investigation will look into the accountability of PhilHealth officials for the breach, which may have partly been caused by expired antivirus software.
It said that the investigation will look into the accountability of PhilHealth officials for the breach, which may have partly been caused by expired antivirus software.
The NPC said that its Complaints and Investigation Division found “sensitive personal information” among the data that was affected by the breach.
The NPC said that its Complaints and Investigation Division found “sensitive personal information” among the data that was affected by the breach.
The fuller probe will look into the scope of the breach, who could be held responsible for it and what cases they may be prosecuted for.
The fuller probe will look into the scope of the breach, who could be held responsible for it and what cases they may be prosecuted for.
“The NPC will leave no stone unturned in its investigation into the potential negligence of PhilHealth officials and explore whether any efforts have been made to conceal pertinent information,” he said.
“The NPC will leave no stone unturned in its investigation into the potential negligence of PhilHealth officials and explore whether any efforts have been made to conceal pertinent information,” he said.
RELATED VIDEO
ADVERTISEMENT
ADVERTISEMENT
