THE Philippine Health Insurance Corporation (Philhealth) said that personal information of some of its members was compromised following the cyberattack in its system last week.
In a statement on Monday, October 2, 2023, Philhealth said among the personal information that were compromised were the name of the member, address, date of birth, sex, phone number and Philhealth identification number.
The agency is still identifying the number of affected members as it vowed to address the concern.
“We are working to notify all affected individuals directly. If you have not received a notification from us, you may not have been affected,” Philhealth said.
It advised its members to monitor their credit reports for any unauthorized activity, place a fraud alert in their credit reports, change their passwords for all online accounts, especially financial accounts and be wary of phishing emails and smishing texts.
“We sincerely apologize for any inconvenience this incident caused. We are committed to protecting your data by continuously working to enhance our security measures,” it added.
Last week, Philhealth disabled its systems due to a cyberattack perpetrated by Medusa Ransomware. It noted that the primary database was intact and not infected.
The hackers were demanding $300,000 or around P16 million in order for them to delete the data they have captured and give the Philippine authorities the key to decrypt the data they have encrypted but the agency refused to pay.
It said the Department of Information and Communications Technology (DICT), the National Privacy Commission (NPC) along with law enforcement agencies such as the Philippine National Police (PNP) Cybercrime Division, Cybercrime Investigation and Coordinating Center (CICC) and the National Bureau of Investigation (NBI) were working together to expediently resolve the matter. (SunStar Philippines)