MANILA, Philippines — The Philippine Health Insurance Corporation (PhilHealth) is asking the public to remain “vigilant and take precautionary measures” after it fell prey to a ransomware attack last September 22.
“Using the stolen data, the hackers will likely target members through calls, emails, or text messages. Let us then heed the advice of authorities to refrain from clicking doubtful links or providing passwords or OTPs. It is best to ignore suspicious calls and to delete text or emails instead from unknown and suspicious senders,” PhilHealth chief Emmanuel Ledesma, Jr. said in a statement on Sunday.
The state health insurer also appealed to the public refrain from further circulating leaked data as it has dire consequences under the law.
Recently, authorities have said the hackers may face up to 20 years of imprisonment, while any individual or organization guilty of downloading, processing or sharing such exfiltrated data will likewise be held accountable for unauthorized processing of personal information and may face criminal charges.
PhilHealth also said it has already coordinated with the National Privacy Commission, National Bureau of Investigation, and Philippine National Police to get to the bottom of the hacking incident.
Public-facing applications, member portal, eClaims for electronic submission of hospital claims, and EPRS (Electronic Premium Remittance System) for employer remittances are already 100 percent back online as of October 6, PhilHealth said.
“Application servers that cater to frontline services are also being readied to go back to normal operations,” it added.