Congress probe sought on PhilHealth data breach

MANILA, Philippines — Lawmakers belonging to the Makabayan bloc have filed a resolution urging their colleagues to investigate the Medusa ransomware cyber attack on the Philippine Health Insurance Corp.

“PhilHealth must be compelled to fully explain the extent of the data breach and to put in place stronger security measures following the ransomware attack,” the lawmakers said in House Bill 1350.

They said the House committee on information technology should spearhead the probe.

Capt. Michelle Sabino, spokesperson for the Anti-Cybercrime Group (ACG), said the state insurer has not sought police assistance.

The Makabayan bloc is composed of party-list representatives France Castro of ACT Teachers, Raoul Manuel of Kabataan and Arlene Brosas of Gabriela.

The resolution decried the government’s downplaying the incident by claiming that only “application servers and employees’ workstations were affected by the ransomware attack, while the membership database remained unaffected.”

“PhilHealth initially assured the public that the incident is under control and that no personnel information and medical information has been compromised or leaked,” HB 1350 declared.

With the government’s health insurer falling victim to hackers, an anti-scam advocacy group has urged Filipinos to increase their vigilance against online fraud.

In a statement, Scam Watch Pilipinas has asked Filipinos, particularly PhilHealth members, to be more vigilant and not to be too trusting in online transactions.

Scam Watch Pilipinas is urging the public to be more vigilant online and to “start practicing cyber hygiene to fend off any form of online scams, whether related to the PhilHealth incident or not.”

The group admitted that the exposure of PhilHealth data is a source of serious national concern.

Scam Watch said Filipinos should regularly change their passwords and use unique combinations for all of their online platforms. They are advised to enable two-way authentication as an additional layer of security.

Scam Watch Pilipinas also said apps should be up-to-date in security patches to counter known risks and vulnerabilities.

The group also recommended that Filipinos install antivirus software that can detect and block malicious activities.

Furthermore, Scam Watch reminded everyone to put up a certain level of distrust when dealing with people online.

PhilHealth data stolen by hackers using the Medusa ransomware were found to have been leaked to online channels like Telegram on Thursday. Reports about the leak showed that the hackers exposed around 600 GB of data that contain alleged information on PhilHealth members.

Earlier, PhilHealth admitted that it has yet to determine the volume of records taken by Medusa, but expressed belief a number of sensitive information was included in the ransomware attack. These data cover name, address, birthday, sex, mobile number and identification number.

Prior to the online leak, the hackers demanded ransom of $300,000 in exchange for the data being kept safe.

As a policy, the government insisted it makes no payment of ransom to criminal groups. — Elijah Felice Rosales, Emmanuel Tupas