The Philippine Health Insurance Corporation (PhilHealth) said that the cyberattack involving the Medusa Ransomware on September 22, 2023 led to the compromise of data on some servers and local workstations.

PhilHealth emphasized though that its primary database remained unharmed and secure.

The organization promptly reported the cyberattack to various authorities, including the Department of Information and Communications Technology (DICT), the National Privacy Commission (NPC), and law enforcement agencies such as the Philippine National Police (PNP) Cybercrime Division, Cybercrime Investigation and Coordinating Center (CICC), and the National Bureau of Investigation (NBI).

PhilHealth is collaborating closely with these agencies to identify and bring the perpetrators to justice.

All PhilHealth employees in both head and regional offices have been advised to implement enhanced security measures to prevent further unauthorized data access and potential copycat attacks.

Although the exact number of data subjects or records compromised is currently undetermined, the organization said that it is actively working to gather all relevant information.

At this time, it is believed that data elements such as names, addresses, gender, phone numbers, dates of birth, and PhilHealth Identification Numbers were among those compromised.

PhilHealth said it is notifying all affected individuals directly.