Press "Enter" to skip to content

Posts tagged as “PhilHealth”

PhilHealth to abolish single confinement policy by end of September   

Kaycee Valmonte, writing for Rappler;

The Philippine Health Insurance Corporation (PhilHealth) will soon scrap its single confinement policy.

PhilHealth President Emmanuel Ledesma Jr. told a Senate panel on Tuesday, September 10, that they are committed to making the changes needed “before month-end.”

This is great news to all PhilHealth members.

This means that if a patient was confined due to diarrhea in September and had PhilHealth cover the expenses, the patient has to shoulder the fees if another bout of diarrhea strikes again in October.

Some patients were supposedly told to lie in order to have their hospital bills covered by the state insurer. A mother named Elena Abilar, through a video presented to the Senate panel, recounted her experience with the single confinement rule when her son had pneumonia and had to be hospitalized twice.

PhilHealth did not need to create the “Single confinement policy” in the first place.

NPC launches “Na-leak ba ang PhilHealth Data ko?” Portal

In the wake of the PhilHealth Hacking, Philippines’ National Privacy Commission (NPC) launches the “Na-leak ba ang PhilHealth Data ko? Portal. The “Na-leak ba ang PhilHealth Data ko? Portal is a tool to check if your personal data is included in the PhilHealth cyberattack last Sept 22.

NPC explained that “Na-leak ba ang PhilHealth Data ko? Portal is a “simplified database search portal designed to help individuals verify the status of their personal information in light of the recent incident involving the Philippine Health Insurance Corporation (PhilHealth) database, purportedly exfiltrated by the Medusa Ransomware Group, and posted online on October 5, 2023. As of October 13, 2023, the initial batch of data available on the portal pertains to individuals aged 60 years and above, containing an estimated 1 million records out of 8.5 million senior citizens.”

To access the “Na-leak ba ang PhilHealth Data ko? database search tool, visit: https://philhealthleak.privacy.gov.ph, then just provide your PhilHealth Identification Number (PIN) to know if you are part of the leaked database.

PhilHealth issue another “Urgent Notice to the Public” in connection to the Cyberattack last Sept 22.

PhilHealth has once again release an announcement that they are calling “Urgent Notice to the Public,” this is in connection to the Cyberattack that was made last Sept 22. The health agency reiterates that no member information have been taken and that membership database is intact and unharmed by the cyberattack last Sept 22.

They later reminded the public to be cautious in opening malicious contents online and on social media, which I suppose, is directed to PhilHealth’s employees. The agency is also working with the authorities to catch the perpetrators.

PhilHealth is currently working with multiple agencies that includes Department of Communication Technology (DICT), National Privacy Commission (NPC), Philippine National Police Cybercrime Division, Cybercrime Investigation and Coordinating Center (CICC) and the National Bureau of Investigation(NBI) to identify the perpetrators of the hacking.

Here’s the announcement by PhilHealth:

PhilHealth previously posted a Urgent Notice to the Public explaining what information have been compromised in the cyberattack that happened last Sept 22. Below are compromised PhilHealth member’s information;

  • Name
  • Address
  • Date of Birth
  • Sex
  • Phone number
  • PhilHealth ID number

The Health agency also recommended a number of steps that affected PhilHealth Members can take as a precaution.

The hackers demanded a ransom of $300,000 or approximately P17 million as payment to decrypt the files but according to a report by CNN Philippines, “The DICT confirms that some PhilHealth data affected in the Medusa ransomware attack have been published in the dark web after the deadline to pay ransom money to hackers lapsed.”

DICT official statement on PhilHealth Ransomware Attack

Following the PhilHealth ransomware attack last September 22, 2023, Department of Information and Communications Technology (DICT) has released an official statement.

Here’s the full text of DICT’s statement;

The Department of Information and Communications Technology (DICT), through its Cybersecurity Bureau, proactively responded to address a ransomware attack that targeted the Philippine Health Insurance Corporation (PhilHealth) last September 22, 2023.

Upon learning of the breach, the DICT Cybersecurity Bureau’s National Computer Emergency Response Team (NCERT) went to PhilHealth Head Office and implemented critical security measures which included the disconnection of workstations from the network, prompt coordination with PhilHealth to gauge the extent of the attack, and collection of relevant logs for thorough analysis.

As of September 25, 2023, PhilHealth’s critical web services are only accessible via their IP addresses and currently ongoing comprehensive security scanning. Efforts to restore the functionality of PhilHealth’s DNS server are underway.

The DICT condemns the ransomware attack carried out against PhilHealth in an attempt to illegally access the information of its members. We shall continue to investigate and monitor the acquired logs from PhilHealth’s affected systems. An extensive checklist has been prepared by the DICT to benchmark PhilHealth’s readiness to get their systems online.

The DICT is committed to ensuring the full restoration of security and stability in PhilHealth systems and to safeguarding government systems and infrastructure from malicious cyber threats.

PhilHealth hit by ransomware, Hackers demands $300,000.00

On September 22, 2023, the Philippine Health Insurance Corporation (PhilHealth) was hit by a ransomware attack. The attack was carried out by the Medusa ransomware group, which encrypts files and demands a ransom payment for the decryption key. The hackers responsible for the attack have demanded a ransom of $300,000 or approximately P17 million as payment to decrypt the files.

PhilHealth detected the attack early on Friday and immediately shut down all of its online systems, including its website, portals, and e-claims. The agency is currently working with the Department of Information and Communications Technology (DICT) and other government agencies to investigate the incident and restore its systems.

In a statement, PhilHealth assured the public and its members that their personal and medical information was not compromised or leaked in the attack. However, the attack did disrupt the agency’s operations and caused some inconvenience to its members.

On September 25, PhilHealth announced they are working to restore all of its systems and that its members could now avail of its benefits again. The agency also said that it was implementing additional security measures to prevent future attacks.

PhilHealth premiums for OFW is only voluntary for the duration of the pandemic

Even though it was reported that President Duterte directs PhilHealth to make the payment of premiums voluntary for OFWs, it appears that this only true during the COVID-19 pandemic but R.A. 11223 a.k.a. Universal Health Care Act of 2019 will still be enforced once the country is in the clear.

PhilHealth did reiterates that the Universal Health Care Act of 2019 is “pending amendments of the Law, if any, by the Congress of the Republic of the Philippines.” So until the UHC Law is amended, PhilHealth will still enforced it.

PhilHealth made the announcement of PhilHealth Advisory No. 2020-037 on their official FB page

President Duterte directs PhilHealth to make the payment of premiums voluntary for OFWs via ABS-CBN News

This is great news for OFWs.