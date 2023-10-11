Philippine Health Insurance Corporation (PhilHealth) manually process their members’ transactions at PhilHealth National Capital Region Central Branch in Quezon City on Tuesday, September 28, following the shutdown of their online system due to a cyberattack last week. Maria Tan, ABS-CBN News

MANILA — The Philippine Health Insurance (PhilHealth) Corporation on Wednesday said they would notify their members who have compromised data after they analyze the information uploaded by hackers.

PhilHealth earlier admitted its outdated cybersecurity system enabled hackers to gain access to employees' work stations, which they use to download data, create policies, presentations, and research.

The hackers, however, failed to infiltrate the PhilHealth database on membership, contribution, and accreditation.

The government earlier rejected ransom demands by the hackers, which led to the leaking of the data to the Dark Web.

Rey Baleña, acting vice president of PhilHealth's corporate affairs group, said the state insurer is waiting for the Department of Information and Communications Technology (DICT) to give them a copy of the files.

A cybersecurity task force has also been formed in the agency to prevent similar attacks from happening again, according to Baleña.

"Tuloy-tuloy 'yung investigation dito at kami ay bibigyan ng DICT ng kopya ng mga files na na-download nila mula sa na-post ng mga hacker," Baleña said in a public briefing.

"Wala kaming capacity at expertise na gawin ito. Kapag naibigay na sa atin itong mga files na na-download nila, makakapagsimula na kami ng aming analysis — sino-sino ang mga miyembro na nakompromiso at nang sa gayon ay magawa na namin ang pag-reach out at pag-notify sa mga miyembro na nakompromiso," he said.

Baleña added that they were not expecting for the data to be retrieved anymore, as this was already released.

The PhilHealth official urged members to not entertain suspicious calls and emails.

"Unfortunately, hindi na ito mababawi (data) ang atin na lang gagawin moving forward ay hindi na ito mangyari sa pamamaraan na masiguro na mayroon tayong [sufficient] na anti-virus software," he said.

"As we speak, mayroon na tayong naka-up, install. As we speak now, awarded na sa ating bagong provider ang kontrata para sa ating anti-virus softwares," he said.

Those who have concerns or complaints on the ransomware attack, he said, may course their query through their temporary email addresses at phic.actioncenter2023@gmail.com and phic.dpo@gmail.com.

An expert earlier said the state insurer might be held liable for a data breach in the agency, even if it was also a victim of a ransomware attack.

The National Privacy Commission (NPC) this week said it was looking into PhilHealth’s accountability as the cyberattack could have exposed its members' data.