The Philippine Health Insurance Corporation (PhilHealth) once again appealed to the public to be vigilant and take precautionary measures against different forms of fraudulent activities as a result of the ransomware attack September 22, 2023 attack.
The hackers have reportedly started circulating illegally obtained data from the workstations of PhilHealth employees. To help protect members from being victimized by opportunists, PhilHealth strongly recommended changing passwords of online accounts, enabling multi-factor authentication, monitoring of suspicious activities in their online accounts, not opening and clicking suspicious emails and links, and not answering suspicious calls and text messages.
“Using the stolen data, the hackers will likely target members through calls, emails or text messages. Let us then heed the advice of authorities to refrain from clicking doubtful links or providing passwords or OTPs. It is best to ignore suspicious calls, and to delete text or emails instead from unknown and suspicious senders,” PhilHealth Chief Emmanuel R. Ledesma, Jr. said.
The state health insurer also appealed to refrain from further circulating leaked data as it has dire consequences under the law. Recently, authorities have said the hackers may face up to 20 years of imprisonment, while any individual or organization found to download, process or share such exfiltrated data will likewise be held accountable for unauthorized processing of personal information and may face criminal charges.
PhilHealth reiterated that it welcomes and is ready to face any inquiry that will be called upon to get to the bottom of the incident. It vowed to cooperate fully with investigating agencies such as the National Privacy Commission, National Bureau of Investigation and Philippine National Police.
“Bilang responsable sa mga impormasyon ng ating mga miyembro, nakahanda po kaming makipagtulungan sa mga imbestigasyon para lalong mapagbuti ang cybersecurity system. Makakaasa po ang publiko na may malaking kabutihang dulot ang pangyayaring ito para maging mas mabuti ang ating serbisyo sa miyembro,” Ledesma asserted.
As of October 06, 2023, 100 percent of its public-facing applications were back online which include the website, Member Portal, eClaims for electronic submission of hospital claims, and EPRS for employer remittances. Application servers that cater to frontline services are also being readied to go back to normal operations. ###