Philippines’ Manila A minimum of 13 million members of Philippine Health Insurance Corp. (PhilHealth) have been impacted by the cyberattack caused by the ransomware Medusa.
Actually, it’s in the millions. At first, we can estimate that it includes roughly 13 million records. At a news conference yesterday, Nerissa Santiago, senior vice president and data privacy officer at PhilHealth, stated, “We are just finishing up analysis so we can have the complete information.”
According to Santiago, information on 600–800 PhilHealth staff has also been compromised.
PhilHealth members have not yet been advised that their information has been hacked; however, the staff have already been notified.
“We are still processing and analyzing the data before we can come out with the individual notification because the involved data subjects are very substantial in terms of number and we just obtained the database from DICT (Department of Information and Communications Technology) last week,” she clarified.
PhilHealth reminded the people to take the appropriate precautions to protect their information, particularly when it comes to using the internet.
Emmanuel Ledesma Jr., president and chief executive officer of PhilHealth, promised that there will be no service interruptions in spite of the departure of seven members of the agency’s Executive Committee. He also stated that the organization is prepared to take action to stop such cyberattacks.
The seven PhilHealth Execom members were transferred, according to Health Secretary Ted Herbosa, as a result of the ransomware incident.
On the other hand, Ledesma expressed shock and regret at the Board of Directors’ choice to reassign the seven PhilHealth personnel. He claimed that an investigation ought to have been done prior to the transfer.
Ledesma, however, stated that he accepts the board’s choice to have a “independent check on the management and its officers.”
According to him, the Board of Directors has not yet issued a directive about the transfer or reassignment of the named authorities.
NPC and DICT form a collaboration
A quick response (DSPQR) project for digital security and privacy is being implemented in collaboration between the National Privacy Commission (NPC) and the DICT.
The DSPQR initiative is a unique complaint-handling mechanism created to quickly handle privacy infractions and concerns, according to a statement released by the NPC yesterday.
The Government Digital Transformation Bureau’s eGov application will incorporate the project, the NPC continued.
The NPC stated, “This innovative partnership is a critical step in guaranteeing the protection of every Filipino’s digital security and privacy.”
As per the agreement, NPC will provide periodical reports to DICT, which will also provide resources for the initiative.
As a proactive DICT implementing unit, the NPC will emphasize awareness-building, teaching people and organizations about the project, and showcasing its efficacy in addressing cybersecurity threats and privacy issues.
Along with monitoring and reporting through the Consumer Complaint Centre, Contact Centre ng Bayan, National Computer Emergency Response Team, and the NPC, the NPC would also prioritize cases involving cybersecurity threats, consumer-related concerns, and data privacy issues.
NPC Commissioner John Henry Naga stated, “The project will empower us to swiftly address privacy concerns and violations, ultimately upholding every citizen’s right to privacy in this digital age.”
Additionally, we urge the people of our community to protect their digital wellbeing by being watchful and proactive. Ivan John Uy, the secretary of DICT, stated, “Report any privacy concerns or incidents promptly, as your active role is essential to our collective effort to ensure a safer and more secure online environment for every Filipino.”
On October 25, the DSPQR Project will begin operations.
Amidst the spate of cybersecurity attacks on official websites, Makati City Representative Luis Campos Jr. is advocating for an extra P3 billion to enhance the capacities of the Cybercrime Investigation and Coordinating Centre (CICC).
In order to quickly generate actionable intelligence against all kinds of threat actors, from thrill seekers and hacktivists to cybercriminals and cyberterrorists, “we must bolster the CICC with all the necessary cutting-edge technologies,” he declared.
House Minority Leader Marcelino Libanan and Representative JC Abalos II filed House Resolution 1392, which instructs the House Committee on Information and Communications Technology to look into the cyberattacks on the websites of the Department of Science and Technology (DOST), the Senate, the Philippine Statistics Authority, the state health insurer, and the House of Representatives in order to support legislation.
