Hackers demand $300K from PhilHealth after data breach

Philippine Health Insurance Corporation (PhilHealth), the Manila government's state health insurer, recently had its database compromised through a Medusa ransomware, as the hackers demanded $300K after the breach.

According to Department of Information and Communications Technology (DICT), the PhilHealth member databases are secure, and the leaked information only pertains to the PhilHealth employees.

The ransom demand is made on the conditions that the hackers would provide decryption keys to access the data again, delete the data and refrain from making it public, and giving DICT a copy of the data in their possession.

DICT is actively collaborating with PhilHealth and their outsourced cybersecurity partners to complete the system cleanup, and their top priority is to restore PhilHealth's online services.

The Medusa ransomware attack has been affecting PhilHealth since June. DICT Undersecretary Jeffrey Ian Dy explained that it conceals itself within the system to evade detection.