NPC orders PhilHealth: Explain Medusa attack

Credit to Author: Rainier Allan Ronda | Date: Wed, 27 Sep 2023 00:00:00 +0800

MANILA, Philippines — The National Privacy Commission (NPC) has ordered the Philippine Health Insurance Corp. (PhilHealth) to explain the alleged ransomware attack on the state health insurer’s system.

In a statement released on Monday, the NPC said it was notified on Sept. 25 by PhilHealth regarding the alleged ransomware attack.

“The complaints and investigation division of the NPC has taken action to address this incident. We issued a notice to explain to PhilHealth, seeking comprehensive information regarding the nature and extent of the data breach,” the NPC said.

Earlier reports said that PhilHealth’s system was attacked by the Medusa ransomware on Sept. 22.

Apart from the notice to explain, the NPC also issued PhilHealth a notice to appear at a hearing scheduled yesterday.

It said the notices would be followed by a notice of onsite investigation on Sept. 28.

“These actions have been initiated to evaluate the impact of the alleged data breach and to assess the mitigation efforts undertaken by PhilHealth, with a primary focus on protecting the interests of the affected beneficiaries and contributors,” the NPC said.

“In strict adherence to NPC Circular No. 2016-03, we expect PhilHealth to provide a complete report within the next two days,” it added.

The privacy commission said this report must contain a comprehensive account of the breach, including details on personal data that may have been compromised, and the measures implemented to contain and rectify the situation.

“The NPC is dedicated to ensuring the privacy and security of the personal data of all citizens. Rest assured, we will keep the public informed of the developments on this matter as they become available,” the NPC said.

After the Medusa attack on PhilHealth’s systems, cyberhackers demanded $300,000 or approximately P16 million for the return of data they encrypted, according to the Department of Information and Communications Technology.

The DICT said the national computer emergency response team of its cybersecurity bureau has been mobilized to investigate the incident.
