Space Travel News
CYBER WARS
 Philippines health insurer hacked: What we know
Philippines health insurer hacked: What we know
 By Pam Castro, with Qasim Nauman in Seoul
 Manila (AFP) Oct 9, 2023

Hackers have stolen the personal data of potentially millions of people from the Philippines's national health insurer, which has urged members to change their passwords after the "staggering" cyberattack.

The hackers have started releasing files including confidential memos from the stolen data to pressure the government into paying a $300,000 ransom.

Here is what we know so far about the attack, which was discovered by the Philippine Health Insurance Corporation (PhilHealth) on September 22:

What did the hackers steal?

PhilHealth and the government have yet to say exactly how many people have been impacted, but the insurer warned members in a notice that data such as addresses, phone numbers and insurance IDs was compromised.

As of June 30, according to its website, PhilHealth had more than 59 million direct and indirect contributors -- more than half the population of the Philippines.

PhilHealth asked members to monitor credit card transactions and change passwords, especially for financial services.

Separately, employee information was also stolen from the targeted computers.

The hackers released some of the data on the dark web, showing health memos and other information that a top government official described as confidential.

An investigation into the scale of the attack is ongoing, but the National Privacy Commission has described the amount of data stolen as "staggering".

Who are the hackers, and what do they want?

The Philippine government has referred to the attackers as the Medusa group, who have demanded $300,000 to restore access to PhilHealth computers and delete the stolen data.

MedusaLocker, first detected in late 2019, has been used to mainly target healthcare organisations and its creators took particular advantage of the emergency situation during the Covid-19 pandemic, according to a US government report.

The ransomware has been sold to criminal actors, and a US government cybersecurity advisory said its creator receives a cut of any ransom.

It was not clear if the Medusa group identified by the Philippines government is the creator of or an entity that purchased MedusaLocker.

How did they get the data?

On September 22, PhilHealth staff were unable to access a number of computers, which displayed a message saying hackers had locked the machines and encrypted the data.

The insurer shut down the affected systems to try and stop the attack from spreading, slowing or entirely shutting down some online services for days.

The government has so far not said exactly how hackers got access to the computers.

But in interviews with local media last week, senior PhilHealth official Israel Pargas said the insurer did not have an antivirus software at the time of the attack.

How has the government responded?

With a blunt 'No'. The Philippines does not pay ransom in any criminal cases, including cyberattacks, officials have said.

However, with hackers releasing more data from the stolen files, calls have grown for the government to conduct an audit of its cyber defences.

The National Privacy Commission said Saturday it has started an investigation into any potential lapses and data law violations by PhilHealth.

The NPC said its analysis of 734 GB of stolen data revealed "sensitive personal data", and warned the public that anyone who downloads this information could face criminal charges.

Related Links
 Cyberwar - Internet Security News - Systems and Policy Issues

Subscribe Free To Our Daily Newsletters
Tweet

RELATED CONTENT
The following news reports may link to other Space Media Network websites.
CYBER WARS
Vietnam linked to spy campaign using EU-made malware
 Paris (AFP) Oct 9, 2023
 Vietnamese agents may be behind a global spyware campaign targeting officials, civil society and journalists around the world using EU-made malware, Amnesty International said Monday. The NGO detailed in a report how a Vietnam-linked account on Twitter, now X, tried to infect the phones of dozens of people and institutions - including overseas Vietnamese journalists, EU and US officials and Taiwanese President Tsai Ing-wen - with malware called Predator. Amnesty has worked with media outlets a ... read more
CYBER WARS
CYBER WARS
Light rocks on deck, gray rocks in the hole: Sols 3966-3697

 NASA's Perseverance captures dust-filled Martian whirlwind

 Double DRT for a Soliday: Sols 3964-3965:

 Dust removal delayed: Sols 3962-3963
CYBER WARS
China's next robotic lunar probe open to foreign science payloads

 China invites Chang'e-8 lunar probe mission global collaboration

 Lunar ambitions boost space funding as investment set to reach $33 billion by 2032

 NASA to begin critical testing of updated engines for future Artemis missions
CYBER WARS
Large mound structures on Kuiper belt object Arrokoth may have common origin

 Plot thickens in the hunt for a ninth planet

 Webb finds carbon source on surface of Jupiter's moon Europa

 Hidden ocean the source of CO2 on Jupiter moon
CYBER WARS
James Webb telescope captures planet-like structures in Orion Nebula

 Study sheds new light on strange lava worlds

 JWST's first spectrum of a TRAPPIST-1 planet

 Alien Machines in the Solar System: The Possibilities and Potential Origins
CYBER WARS
Rocket Lab opens engine development center in Long Beach

 Vega-C Zefiro40 Test: Independent Enquiry

 Spain's MIURA 1 launch campaign kicks off

 Maritime Launch unveils commercial suborbital program at Spaceport Nova Scotia
CYBER WARS
Astronauts honored for contributions to China's space program

 China capable of protecting astronauts from effects of space weightlessness

 Tianzhou 5 spacecraft burns up on Earth reentry

 Crew of Shenzhou XV mission honored for six-month space odyssey
CYBER WARS
SwRI scientists use Webb, Sofia telescopes to observe metallic asteroid

 Initial curation of NASA's OSIRIS-REx sample delayed

 Hera takes wing

 Likely asteroid debris found upon opening of returned NASA probe
Subscribe Free To Our Daily Newsletters




The content herein, unless otherwise known to be public domain, are Copyright 1995-2024 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. All articles labeled "by Staff Writers" include reports supplied to Space Media Network by industry news wires, PR agencies, corporate press officers and the like. Such articles are individually curated and edited by Space Media Network staff on the basis of the report's information value to our industry and professional readership. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. General Data Protection Regulation (GDPR) Statement Our advertisers use various cookies and the like to deliver the best ad banner available at one time. All network advertising suppliers have GDPR policies (Legitimate Interest) that conform with EU regulations for data collection. By using our websites you consent to cookie based advertising. If you do not agree with this then you must stop using the websites from May 25, 2018. Privacy Statement. Additional information can be found here at About Us.