DICT Secretary Ivan Uy. Photo courtesy of DICT

Hackers have reportedly demanded a $300,000 ransom from the Philippine government while claiming to possess data from the Philippine Health Insurance Corporation (PhilHealth).

Reports have surfaced on the Dark Web, where the perpetrators have purportedly offered to sell sensitive information obtained from the PhilHealth database.

The attack on the state insurer’s website on September 22 utilized the notorious Medusa ransomware.

Secretary Ivan Uy of the Department of Information and Communications Technology (DICT) has assembled a specialized team to investigate the breach.

"So far, may team na kami na nagiimbistiga kung paano nakapasok yung Virus," Secretary Ivan Uy stated, acknowledging the seriousness of the situation.

When asked about the government's stance on paying the ransom, Uy stated, "We never pay any ransom at all. The policy of the government is we never give in to blackmail or ransom techniques."

Uy also said that the extent of the hackers' access to critical data within the PhilHealth system remains unverified.

"So far, ang nakita natin sa Dark Web ay puro claims lang nila at mga sample. Ang mga sample na meron sila ay puro mga office memo, wala namang maipakita na may personal information ng mga pasyente o mga kliyente," Uy said.