MANILA, Philippines — The Philippine Health Insurance Corp. (Philhealth) has temporarily shut down affected online systems after computer hackers attacked the website and its application system.
The computer hackers managed to take down the systems of Philhealth on Friday and blocked access to the site for more than 24 hours.
READ: For weeks, PNP staff database was exposed – cyber expert
In a statement on Saturday, PhilHealth said it has started containment measures as well as an investigation of the “information security incident,” together with the Department of Information and Communications Technology and other concerned government agencies “to assess its extent.”
Investigation
“While investigation is being undertaken, affected systems shall be temporarily shut down to secure our application systems,” PhilHealth president and CEO Emmanuel Ledesma said.
The head of the state insurer appealed for understanding and assured that “we will get to the bottom of this and will institute stronger systems to prevent this from happening again.”
The Inquirer reached out to multiple officials and staff of PhilHealth to confirm whether the incident was a Medusa ransomware attack, but they have yet to reply.
READ: Cybersecurity is a matter of national security, experts tell Marcos
Ransomware suspected
A ransomware is a cyberattack that holds one entity’s data or system hostage until a ransom is paid.
In a February 2023 report by the US Department of Health and Human Services, MedusaLocker, a ransomware variant, was able to “infect and encrypt systems, primarily targeting the health-care sector, after it was first detected in September 2019.
READ: PNP on ransomware: Don’t click
MedusaLocker, deemed as “lesser known but potent,” leveraged the disorder and confusion during the COVID-19 pandemic to launch attacks, the report said.
According to a cybersecurity company last week, a firm usually spends about P55 million or about $1 million to resolve a single data breach and pay off ransom to regain system access.