On September 22, 2023, the Philippine Health Insurance Corporation (PhilHealth) was hit by a ransomware attack. The attack was carried out by the Medusa ransomware group, which encrypts files and demands a ransom payment for the decryption key. The hackers responsible for the attack have demanded a ransom of $300,000 or approximately P17 million as payment to decrypt the files.

PhilHealth detected the attack early on Friday and immediately shut down all of its online systems, including its website, portals, and e-claims. The agency is currently working with the Department of Information and Communications Technology (DICT) and other government agencies to investigate the incident and restore its systems.

Humihiling ng pang-unawa ang #MyPhilHealth sa publiko matapos maapektuhan ang operasyon nito dahil sa information security incident kahapon, Sept 22, 2023.

Iniimbestigahan na ng Korporasyon ang pangyayari. pic.twitter.com/BqhUBfr5Eg

— PhilHealth (@teamphilhealth) September 23, 2023

In a statement, PhilHealth assured the public and its members that their personal and medical information was not compromised or leaked in the attack. However, the attack did disrupt the agency’s operations and caused some inconvenience to its members.

Sa kabila ng information security incident, sinisiguro ng #MyPhilHealth na hindi nakompromiso ang impormasyon ng mga miyembro at patuloy pa ring makagagamit ng benepisyo sa mga accredited health facilities. pic.twitter.com/J1MjCHkXAp

— PhilHealth (@teamphilhealth) September 23, 2023

On September 25, PhilHealth announced they are working to restore all of its systems and that its members could now avail of its benefits again. The agency also said that it was implementing additional security measures to prevent future attacks.