No. of :

No. of Shares:

Currently viewed by: Marcus Rosit

Philhealth-9 urges members to take precaution against cyberattacks

ZAMBOANGA CITY, Oct. 6 (PIA) - The Philippine Health Insurance Corporation (PHIC)-Zamboanga Peninsula calls on its members to take precautionary steps in protecting their accounts against cyberattacks.

Members are highly encouraged to monitor their credit reports for any unauthorized activity, place a fraud alert on their credit reports, change their passwords for all online accounts, especially financial accounts, and be wary of phishing emails and smishing texts.

On September 22, 2023, the Corporation suffered a cyberattack from Medusa Ransomware which compromised the data stored on some of their servers and local workstations.

In a statement, PHIC said the primary database was intact and not infected.

The incident was immediately reported to the Department of Information and Communications Technology (DICT), and the National Privacy Commission (NPC) in order to expediently resolve the matter; and to law enforcement agencies such as the Philippine National Police (PNP) Cybercrime Division, Cybercrime Investigation and Coordinating Center (CICC) and the National Bureau of Investigation (NBI) in order to identify and capture the perpetrators.

To contain and mitigate the spread of the cyberattack, the corporation’s IT personnel immediately instituted remedial measures such as disconnecting the network. All PhilHealth employees in the head and regional offices were also advised to undertake security measures in order to prevent further unauthorized disclosure and incurrence of copycat attacks.

As PHIC takes a premium on safeguarding its members’ personal information and upholding their privacy, the corporation is investigating and resolving the matter to protect members' data.

Accordingly, the number of data subjects or records involved is still undetermined, but PHIC is working relentlessly to gather all relevant information. However, the corporation believes that data including the name, address, date of birth, sex, phone number, and PhilHealth Identification Number, among others, were compromised.

The corporation said they are working to notify all affected individuals directly. If a member has not received a notification from PHIC, it means they may not have been affected.

Philhealth has sincerely apologized for any inconvenience this incident caused and is committed to protecting its members’ data by continuously working to enhance their security measures. (RVC/EDT/CCP/PIA9/with reports from the Philippine Health Insurance Corporation)

About the Author

Clennkei Peñalosa

Information Officer

Region 9

Clennkei C. Peñalosa is a member of the Subanen Indigenous Cultural Communities/Indigenous Peoples (ICCs/IPs) who earn a Bachelor’s degree in Broadcasting at the Western Mindanao State University (WMSU) and is currently pursuing her Juris Doctor degree. A content creator and writer, she writes news and feature stories in Zamboanga Peninsula and manages PIA9's social media platforms.

Feedback / Comment

Get in touch