Vivienne Gulla reports:
The records of around 42 million individuals are possibly affected by the 2023 data breach on Philippine Health Insurance Corporation (PhilHealth), according to the National Privacy Commission (NPC).
NPC’s Maria Theresita Patula issued the statement during Monday’s oversight hearing of the House Committee on Appropriations regarding the budget of PhilHealth and the Department of Health.
“For NPC, we were able to see that there were case files with patient medical record, billing file with member records, member record of rebel returnees (PAMANA), PWD member records also showing password, indigent billing records, killed in action and killed in operation, senior citizens,” Patula said.
In September 2023, the Medusa ransomware gang claimed responsibility for the attack and demanded $300,000 to sell or delete all the data.
The government did not pay the ransom.
Interestingly, however, what it did was to create a portal for citizens to check whether their information had been leaked by Medusa.
Read more at ABS-CBN News.