The Philippine state health insurer acknowledged that a cyberattack on its internet system on September 22 resulted in the compromise of some of its members’ personal information.
In light of the agency’s data breach, the Philippine Health Insurance Corporation (PhilHealth) reminded its members to “safely access” their data using the member portal.
The public was warned by the state insurer not to click on phony PhilHealth domains because this should only be at gov.ph and not.com or.net.
Additionally, it warned members not to deal with anyone who offered to process their PhilHealth ID or MDR for a cost.
In order to assist members of the Philippine Health Insurance Corporation (PhilHealth) who believe their personal information may have been impacted by the suspected hacking incident, the National Privacy Commission (NPC) has developed a “simplified database search portal”
The NPC began an independent initiative dubbed “Na-leak ba ang PhilHealth Data ko?” utilizing a dataset that was allegedly exposed by the Medusa Ransomware Group.
“The primary aim of this tool is to empower Filipinos, especially senior citizens, to take proactive measures in safeguarding their data and securing themselves against potential risks like identity theft, financial fraud, phishing attacks, extortion, blackmail, medical identity theft, reputational damage, and invasion of privacy,” according to a statement from the NPC.
The first tranche of information made available on the portal as of October 13, 2023, relates to people who are 60 years of age and older and contains an estimated 1 million records out of 8.5 million senior residents.
The 734 GB of decrypted files were published online by the Medusa Ransomware Group on October 5.
“It is crucial to note that [the] portal exclusively focuses on this specific incident and does not encompass data breaches from other sources or incidents. A negative result from this search should not be misconstrued as an assurance of data security in other areas,” the National Privacy Council stated.
How to access the website?
Users must input their PhilHealth Identification Number (PIN) in order to use the portal, and it will then check to see if any of their personal data was exposed.
“Na-leak ba ang PhilHealth Data ko?” can be accessed at the database search tool, visit: https://philhealthleak.privacy.gov.ph/
Source: ABS-CBN News
Disclaimer: All of our articles are for informational purposes only. We are not directly related to the entities being featured. The source/s are indicated at the end of every article so you can further check the legitimacy of our posts.