An official from the Philippine Health Insurance Corporation (PhilHealth) acknowledged that the agency might face significant difficulties in recovering compromised data leaked during the recent ransomware attack.
Rey Baleña, acting Vice President of PhilHealth’s corporate affairs group, disclosed this during a public briefing when questioned about the steps being taken to retrieve the leaked information of the victims.
The ransomware attack on PhilHealth occurred on September 22, leading to a temporary shutdown of its online systems. Following the hackers’ demand for a ransom payment of about $300,000 or approximately P17 million, compromised data was leaked when the deadline passed.
Millions of individuals were impacted by this breach, as confirmed by the Department of Information and Communications Technology.
PhilHealth confirmed that its antivirus software had lapsed on April 15 and faced challenges in renewing the subscription promptly due to intricate government procurement processes.
READ: PhilHealth Admits Ransomware Attack Due to Expired Antivirus Subscription
In response, the National Privacy Commission (NPC) Chief of Complaints and Investigation, Mike Santos, emphasized the importance of PhilHealth employees and members changing their passwords for online accounts.
How to Secure Data After PhilHealth Ransomware Attack
Despite these efforts, Santos highlighted that the NPC is ready to handle a surge in complaints if necessary.
YOU MIGHT WANT TO READ: PSA Hit by Data Breach Following PhilHealth Incident
