The Philippine Health Insurance Corporation (PhilHealth) is currently grappling with the aftermath of a ransomware attack by the Medusa group, according to cybersecurity firm Recorded Future. PhilHealth manages the country’s universal healthcare system, but its websites and portals were disrupted by the attack, causing significant disruptions to services.
As a result of the attack, the affected systems, including Health Care Institution member portals and e-claims, were immediately shut down. PhilHealth’s President and CEO, Emmanuel Ledesma, stated that the restoration of these systems would be prioritized, with the aim of bringing them back online as soon as possible. The configuration and reinforcement of existing information security measures are being carried out to ensure the organization can recover from the incident effectively.
Medusa, the ransomware operation behind the attack, confirmed its involvement one day after the incident was discovered. The group demanded a payment of $300,000 for the deletion of all stolen data, along with an additional $100,000 for an extended payment deadline. However, no details regarding the exfiltrated data were provided by the attackers.
Ransomware attacks continue to pose a significant threat to organizations worldwide, targeting their systems and compromising sensitive data. PhilHealth’s response to the incident highlights the importance of implementing robust information security measures and promptly addressing any vulnerabilities to prevent similar incidents in the future.
– The Record by Recorded Future