Metro Manila (CNN Philippines, September 26) — The Department of Information and Communications Technology (DICT) on Tuesday maintained the government will not pay the $300,000 (around ₱17 million) ransom money being demanded by hackers who attacked PhilHealth.
On Sept. 22, PhilHealth was attacked by the Medusa ransomware that allowed hackers to obtain hundreds of thousands of internal files. Dy said the compromised data include confidential memos and employee information like passwords, pictures, and other personal data stored in the affected devices.
The incident also led to the agency shutting down its systems, like website and online operations.
Dy said the hackers gave the government until Oct. 2 to settle the ransom.
Given the no ransom policy, the DICT official said authorities expect the criminals to slowly release information they obtained from PhilHealth. They want to cause panic among the public to urge the government to pay the ransom, he pointed out.
Authorities have yet to determine the exact identity of the hackers, Dy said. Philippine authorities are working with computer emergency response teams of other governments since there are also international organizations victimized by the same criminals, he noted.
Possible negligence of PhilHealth employees
In a separate interview, PhilHealth Senior Vice President Israel Francis Pargas said they are working with other government agencies to further investigate the incident.
“Today we are also meeting with the National Privacy Commission,” he noted. “Titingnan po ng National Privacy Commission kung mayroong (The National Privacy Commission will check if there was) negligence on the side of the corporation or even among its employees.”
Pargas said the NPC will check if the state insurer has enough controls in place to make sure such attacks do not happen. PhilHealth is already seeking guidance from experts regarding tools that can be deployed to prevent a similar incident in the future, he added.
