PhilHealth acknowledged that its antivirus subscription had expired, amid a ransomware assault that led to the state well being insurer disabling its system as a part of safety containment measures.
In Mark Salazar’s report on “24 Oras” on Monday, PhilHealth confirmed that its antivirus software program had expired on April 15, however that it had not been in a position to renew its subscription instantly on account of difficult authorities procurement processes.
However, it added, non permanent antivirus software program is now in place.
“Ineradicate po yun pong virus at ito ang mga nire-ready natin para magamit na ulit ng ating mga kasamahan. So hindi naman lahat ng workstation ay napasok,” stated PhilHealth Corporate Affairs Group OIC Rey T. Baleña.
PhilHealth was hit by a Medusa ransomware assault on September 22, prompting the non permanent shutdown of its on-line programs.
Hackers reportedly threatened to launch the info stolen from its database until the company paid $300,000 in ransom. PhilHealth confused that it could not pay.
It additionally stated that the cyberattack affected the applying server and no less than 72 workers’ workstations.
This weekend, PhilHealth stated it has regained management of its system, with out having to pay the ransom.
“Dahil wala silang nakuha ni isang kusing…they will try to monetize the information by selling the information to scammers,” warned Information and Communications Technology Secretary Ivan Uy.
The Department of Information and Communications Technology has urged PhilHealth workers and members to vary the passwords of their on-line accounts.
PhilHealth has additionally urged the general public to allow multi-factor authentication, monitor suspicious actions of their on-line accounts, chorus from opening and clicking on suspicious emails and hyperlinks or answering suspicious calls.
On Monday, the DICT confirmed that hundreds of thousands had been affected by the info breach.
DICT Undersecretary Jefferson Dy stated that whereas the hackers didn’t leak info to the general public, they supplied the DICT a 40-minute video displaying the data stolen from the compromised database.
“They posted a 40-minute video showing what they got. They’ve got videos, 1×1 photos of a lot of people, they’ve got GSIS cards, including some ATM cards of PhilHealth employees,” he stated.
The DICT’s shrinking funds has additionally come into focus because of the cyberattack. From its P1 funds in 2022, its funds shrank to P600 million in 2023, and its proposed funds for 2024 is barely P300 million. — BM, GMA Integrated News
Source: www.gmanetwork.com