PhilHealth calls for public cooperation amid data breach

Because of the September 22, 2023 ransomware attack that led to hackers circulating illegally obtained data from Philippine Health Insurance Corporation workstations, PhilHealth once again urged the public to be vigilant and take preventive measures against fraudulent activities.

Included in the preventive measures PhilHealth recommended were changing passwords of online accounts, enabling multi-factor authentication, monitoring suspicious activities in their online accounts, not opening and clicking suspicious emails and links, and not answering suspicious calls and text messages to protect members from being victimized.

“Using the stolen data, the hackers will likely target members through calls, emails, or text messages. Let us then heed the advice of authorities to refrain from clicking doubtful links or providing passwords or OTPs. It is best to ignore suspicious calls, and to delete text or emails instead from unknown and suspicious senders,” said PhilHealth Chief Emmanuel R. Ledesma Jr.

Meanwhile, PhilHealth also warned against further circulating leaked data as this activity has dire consequences under the law.

Authorities stressed that hackers may face up to 20 years of imprisonment, while any individual or organization found to download, process, or share such exfiltrated data will likewise be held accountable for the unauthorized processing of personal information and may face criminal charges.

PhilHealth reiterated that it welcomes and is ready to face any inquiry that would get to the bottom of the incident.

It also vowed to cooperate fully with investigating agencies such as the National Privacy Commission, the National Bureau of Investigation, and the Philippine National Police. — DVM, GMA Integrated News