The Philippine Health Insurance Corp. (PhilHealth) has maintained that no ransom was paid to hackers after some of its online services were restored on Friday noon after a weeklong cyberattack.
In a statement on Friday, PhilHealth announced that the website and the members’ portal were now back and may be accessed by members. However, the e-claims system used by health-care institutions was expected to be available later in the day.
“PhilHealth has been working round the clock since Friday [last week] to clean up the affected workstations and restore normalcy the soonest,” it said.
A hackers’ group, who calls themselves “Medusa,” reportedly demanded $300,000, or about P16 million, otherwise they would leak the data they stole from PhilHealth’s database. But the state insurer insisted it did not give in to the demands of the hackers.
“On the alleged demand for ransom, we reiterate the government’s policy of not paying one to criminals,” it said.
Following calls from PhilHealth’s labor union to investigate who is liable for the data breach, the state insurer promised to “impose disciplinary actions” on people who had been “remiss in the performance of their duties.”