ICYMI: DICT says hackers started exposing stolen PhilHealth data on dark web

DICT says hackers who attacked PhilHealth last month are already exposing data they stole.

Photo from PhilHealth FB page

PhilHealth employee info on the dark web

According to a report by CNN Philippines, DICT Undersecretary Jeffrey Dy confirmed that hackers who attacked PhilHealth in September began exposing data they stole from the state insurer on the dark web.

Initial analysis by DICT showed that published information includes PhilHealth employees' identification cards, like their Government Service Insurance System IDs, employees' payroll, and other details like “their regional offices, memos, directives, working files, [and] hospital bills.

In terms of PII (personal identifiable information), we saw some IDs, pictures, which we cannot ascertain at the moment if they are Philhealth employees, or members, he also said.

Dy said these may be “teasers” from hackers as they still wait for the government to pay the $300,000 ransom (around PHP 17 million).

The government was firm that it would not pay the ransom money.

DICT and PhilHealth maintained members' database, which contains private information, claims, contribution, and accreditation details, remains "intact" as it was not part of the servers affected by the ransomware attack.

Still, this doesn't ensure that hackers cannot obtain members' information.

It seems the Philhealth workstations and some other servers such as training servers affected by Medusa may have contained these information, Dy said.

PhilHealth also said it is still investigating if the stolen data includes members' personal details.

What do you think about this?

Via: CNN PH