Connect with us

Hi, what are you looking for?

HEADLINES

DICT, NPC urged to prepare Filipino consumers, institutions on impact of PhilHealth data breach

NADPOP and PH-CERT offered to provide a third-party perspective and assist PhilHealth in its current breach investigation with the DICT and NPC. 

Two advocacy groups on data privacy urge the Department of Information and Communications Technology (DICT) and the National Privacy Commission (NPC) to warn and prepare Filipino consumers, and institutions that have received PhilHealth member information to deliver their services, on the potential impact of the PhilHealth data breach through a Medusa malware attack discovered last September 22. 

“Compared to the Comelec data breach in 2016, the potential impact of this incident is even bigger as all working Filipinos are mandatorily enrolled, and need to pay monthly contributions. We urgently request the DICT and NPC that even if only a fraction of the extent of the breach has been revealed by the threat actors, they can already guide consumers, and institutions that use PhilHealth information on what to do in case their personal information was compromised by the breach,” said Sam Jacoba, President of the National Association of Data Protection Officers of the Philippines (NADPOP), the Philippines’ first advocacy group of Data Protection Officers. 

Lito Averia, President of the Philippine Computer Emergency Response Team (PH-CERT), a volunteer organization that assists individuals and institutions on information security issues, agree that the regulators should already anticipate the worst case scenario as it is better to warn Filipino consumers as soon as possible as the threat actors can already exploit the illegally accessed personal information.  

“PhilHealth, with the help of the DICT, is releasing information on the breach bit by bit. This is actually understandable as the discovery process for external security incidents is complicated, but they can already assume that a significant number of member data was compromised based on their recent statement,” Averia said. “Thus, better prepare PhilHealth members for the worst case scenario so they will not be caught off-guard and suffer potential financial loss or be a victim of identity theft.” 

Advertisement. Scroll to continue reading.

NADPOP and PH-CERT also offered to provide a third-party perspective and assist PhilHealth in its current breach investigation with the DICT and NPC. 

“If PhilHealth needs unbiased third-party support, we have volunteers who are ready to assist in digital forensics and in the data breach management needs of the agency,” Jacoba and Averia jointly offered. “We are extending our support to PhilHealth and its impacted employees and members during this time as we know the value of all of us helping each other during these times. It takes a community to protect personal information.” 

NADPOP and PH-CERT just concluded CyberSecConPH last September 19 attended by more than 100 cybersecurity professionals, which kickstarted the formation of a Cybersecurity Community of Practice in the Philippines that will connect with the ASEAN-Japan Cybersecurity Community this week in Tokyo. On October 25 to 27, in support of Cybersecurity Month, the two groups will host an online conference on Governance, Risk and Compliance (GRC) that will elevate the knowledge and skills of Data Protection Officers (DPOs) and Cybersecurity Professionals in fighting against internal and external threat actors. The conference is by-invitation only and exclusive to active NADPOP and PH-CERT community volunteers, members and partners. 

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The attackers used a series of campaigns with novel exploits and customized malware to embed tools to conduct surveillance, sabotage and cyberespionage as well...

HEADLINES

Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks...

HEADLINES

A Scale of Harm study by the International Justice Mission revealed that almost half a million Filipino children were trafficked to produce new child...

HEADLINES

Yondu launched an extensive, month-long cybersecurity awareness campaign focused on modern threat detection, incident response, and social engineering defense.

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

HEADLINES

Here are some tips from Sophos for staying secure online during the cybersecurity awareness month.

HEADLINES

While only 21% of hackers believed that AI technologies enhance the value of hacking in 2023, 71% reported it to have value in 2024....

Advertisement