WHO denies cyberattack on PH COVID-19 records

The World Health Organization (WHO) office in the Philippines on Friday denied there was a cyberattack on its COVID-19 vaccination records, saying the WHO collects only “aggregated” numbers, and not personal information.

Dr. Rui Paulo de Jesus, WHO Representative to the Philippines, called “false and inaccurate” earlier reports that WHO or WHO-hosted databases were hacked, compromising sensitive information of some 78 million Filipinos who got vaccinated against COVID-19.

In a statement, De Jesus said that WHO “does not collect, process or store” the personal details of the beneficiaries in the Philippine government’s vaccination drive in the last three years of the pandemic.

“During the COVID-19 pandemic, WHO collected from national health authorities around the world data that is aggregated at a population level, for example, on the total numbers of COVID-19 infections, deaths and vaccine doses administered in the country,” he explained.

The WHO official noted that such data were “crucial for monitoring the progress of COVID-19 vaccination efforts.”

Reinforce security

On Tuesday, Health Secretary Teodoro Herbosa assured the public that the Department of Health had “taken steps to further reinforce the security of data systems.”

The report of another supposed data breach in the health sector came nearly two months after a group of hackers called “Medusa” took down the website and online applications of the Philippine Health Insurance Corp. on Sept. 22.

The National Privacy Commission initially found that a “staggering” amount of data equivalent to more than 730 gigabytes had been stolen from the state insurer.