By Junex Doronio
JUST LIKE IN THRILLER MOVIES, a shadowy cyber gang called Medusa has hacked the government health insurer PhilHealth and is now demanding $300,000, or around P17 million to unlock the breached database.
This was confirmed by the National Privacy Commission (NPC) on Monday evening, September 25, saying it was notified by PhilHealth regarding a ransomware attack.
PhilHealth, however, assured that only employee information was breached.
On Friday, September 22, the Department of Information and Communications Technology (DICT) bared the cyberattack on the PhilHealth database.
DICT Undersecretary Jeffrey Ian Dy said the $300,000 million ransom being demanded by the “Medusa” cyber gang is in exchange for three things, namely:
- to hand over the decryption keys so the data can be accessed again;
- to delete the data that they obtained and not publish these to the public; and
- to give DICT a copy of the data which is in their possession.
DICT said it is working with PhilHealth and its outsourced cybersecurity vendors to complete the “clean up” of the system. (ai/mnm)