The Department of Information and Communications Technology (DICT) condemned on Thursday the ransomware attack on the Philippine Health Insurance Corporation’s (PhilHealth) website.
“The DICT condemns the ransomware attack carried out against PhilHealth in an attempt to illegally access the information of its members [...] An extensive checklist has been prepared by the DICT to benchmark PhilHealth’s readiness to get their systems online,” the DICT said in a statement.
According to the statement, DICT’s Cybersecurity Bureau’s National Computer Emergency Response Team (NCERT) conducted onsite critical security measures at PhilHealth’s headquarters, which included the disconnection of workstations from the network, prompt coordination with PhilHealth to determine the extent of the attack, and the collection of relevant logs for a detailed analysis.
The information and communications technology department also added that PhilHealth’s critical web services were undergoing comprehensive security scanning.
“Efforts to restore the functionality of PhilHealth’s DNS server are underway [...] The DICT is committed to ensuring the full restoration of security and stability in PhilHealth systems and to safeguarding government systems and infrastructure from malicious cyber threats,” the statement further read.
The National Privacy Commission (NPC) also investigated the cyberattack against PhilHealth’s website and asked for a complete report regarding the incident.
PhilHealth’s online systems were hit by Medusa ransomware that threatened to leak its members' data if the state insurer failed to provide the $300,000 ransom.
Meanwhile, PhilHealth Spokesperson Dr. Ish Pargas maintained that no personal data was compromised despite the data breach.