PhilHealth network breach bound to happen–workers
The workers’ union of the Philippine Health Insurance Corp. (PhilHealth) claimed on Thursday that the ransomware attack on the state health insurer’s computer network was “bound to happen” and blamed “incompetence and lack of accountable leadership.”
In a statement on Thursday, the Philhealth Workers for Hope, Integrity, Transparency and Empowerment said the ransomware attack on PhilHealth’s entire online systems—including hospital and member portals—was not an accident, but a “mishap bound to happen because safeguards were not prioritized.”
“[The cyberattack] reveals the ill-preparedness of the corporation in crisis management,” the employees said, adding that the country’s universal health care is “being held hostage” because of “incompetent” officers running the state insurer.
It also revealed that PhilHealth personnel “make do with shared computers, borrowed printers, and lack of basic virus protection.”
“Employees on the ground routinely face the consequence of poor decision-making and lack of foresight,” lamented the group.
The union also demanded a “full-blown investigation” to determine PhilHealth departments and high-paying executives who had been “remiss in their duties and responsibilities to protect the interest of public service” so the state insurer could get rid of them.
As of Thursday night, the PhilHealth website remained inaccessible, nearly a week after the ransomware attack, allegedly by the “Medusa group.” The state insurer also has yet to confirm whether hackers demanded the payment of $300,000 in exchange for decryption keys and whether it planned to pay the said ransom.
PhilHealth spokesperson Israel Paragas earlier assured members that their personal and medical records have not been compromised by the data breach, but cybersecurity experts said PhilHealth had no way of knowing for sure until they retake possession of the frozen data.
Moreover, hackers were able to infect the state insurer’s application servers and at least 72 “workstations,” affecting some of the personnel’s computers and possibly their personal information.
“We are still in the thick of things about how it has affected our system and [are] still looking into that,” he said on Wednesday.