The Philippine Health Insurance Corporation (PhilHealth), responsible for managing the country’s universal healthcare system, recently suffered a ransomware attack that targeted its websites and portals. This incident, which occurred on September 22, has caused significant disruption to PhilHealth’s operations, and the organization is currently struggling to recover from the attack.
Immediately following the discovery of the intrusion, PhilHealth took swift action and shut down impacted systems, including Health Care Institution member portals and e-claims. The president and CEO of PhilHealth, Emmanuel Ledesma, confirmed the incident and assured stakeholders that efforts were underway to restore the affected systems as soon as possible.
PhilHealth plans to restore the functionality of the impacted systems by Monday, September 25, 2023, once necessary configurations and reinforcements to the organization’s information security measures have been implemented.
The Medusa ransomware group, responsible for the attack, promptly acknowledged their involvement and made ransom demands. The group demanded $300,000 for the deletion of all stolen data, as well as an additional $100,000 to extend the payment deadline. However, they did not disclose any specific details about the data that was exfiltrated during the attack.
Ransomware attacks like this pose a significant threat to organizations, as they not only disrupt operations but also hold sensitive data hostage. It is important for organizations to invest in robust cybersecurity measures to prevent such incidents and protect valuable information from falling into the wrong hands.
Sources:
-The Record, recordedfuture.com.