90% ng impormasyong nakuha sa PhilHealth, na-analyze na ng DICT
90% ng impormasyong nakuha sa PhilHealth, na-analyze na ng DICT;
Ahensiya, nagbabala sa publiko vs. posibleng tangkang panloloko gamit ang mga nakuhang data
Ahensiya, nagbabala sa publiko vs. posibleng tangkang panloloko gamit ang mga nakuhang data
Transcript
00:00 The DICT and PhilHealth's hacked system confirmed the millions of data of their members.
00:07 These are the information that were found in the membership claims.
00:12 Glazel Partidia is live in the newsroom.
00:15 Not only the information of the employees that Medusa Hacker Group got from PhilHealth,
00:25 but also the millions of members data of the agency.
00:30 A few weeks after Medusa Hacker Group attacked the data of the Philippine Health Insurance Corporation of PhilHealth,
00:39 70% of the 700GB of information that the group got
00:45 was analyzed by the Department of Information and Communications Technology.
00:50 Aside from the personal and sensitive information of the employees of PhilHealth,
00:55 the DICT confirmed that it also contains the millions of members data of PhilHealth.
01:03 According to the National Privacy Commission,
01:06 the so-called data breach that Medusa got from the group is in the 421,000 files,
01:13 including the information that is related to the membership claims.
01:20 It appears that it's related to the claims. It might be an inventory or something, but it's not the claim form.
01:30 It's like a collection or reports. It appears like that. But we have yet to clarify this with PhilHealth.
01:39 Is it enough to commit fraud? That alone, I don't think it's enough.
01:45 But coupled with additional personal information and additional documents,
01:50 it's possible because you have personal information to start with.
01:55 You already know the PhilHealth number, you already know the name and address and birthdate of the person.
02:00 It's a good start.
02:02 Medusa put the information in the dark web and telegram.
02:07 The NPC is helping the National Bureau of Investigation,
02:12 including the telegram, to remove it from their platform.
02:17 This is also a violation of the law. If the data should not be with you,
02:22 you should not store the data because our assumption is that it will be used in an inappropriate way.
02:32 Those who downloaded the data without authorization can be arrested under the Data Privacy Act for unauthorized processing.
02:40 Aside from the possibility of the person downloading the data,
02:45 the person can also be compromised with the privacy of the person who is getting the information.
02:51 Because there is a software that can get and leak private information.
02:58 That's what Secretary Ivan Uy of DICT said.
03:02 The malware is loaded on those files.
03:07 This is what the criminal organization is using now.
03:12 They are making a fake data leak so that the curious people will know if their names are on the list.
03:21 The malicious software is embedded there and can be accessed on your computer once you download or click the link.
03:29 So, it's a bad omen.
03:31 Philhealth called on the public to be alerted to the possible activities of the next ransomware attack on the agency.
03:40 Philhealth will be asked to change the password on their online accounts, activate the multi-factor authentication,
03:46 and open the malicious email links, calls, and messages.
03:51 DICT will warn the public.
03:54 As long as they have the opportunity, because they haven't gotten a single ransom from the government,
04:02 they will try to monetize the information.
04:06 And they will try to monetize the information by selling the information to scammers, to phishers,
04:13 who can use that data to get a fake ID,
04:18 to register a fake SIM card, a fake registration of a SIM card, or whatever.
04:25 So, they can use that information.
04:27 So, we are monitoring that.
04:29 Anyone who violates the Data Privacy Act is a possible suspect in a criminal and administrative case
04:36 that has a prison and a fine.
04:38 Meanwhile, according to Philhealth, 100% of public-facing applications have returned online.
04:43 Their website, number portal, and e-claims are on the other side.
04:46 Meanwhile, Philhealth has an anti-virus software and will make it stronger by updating their anti-virus.
04:55 Naomi?
04:57 Clazel, because the information of the membership claims was obtained,
05:00 will it affect the claims obtained from Philhealth?
05:04 Naomi, Philhealth assured that the claims of the millions of Philhealth members will not be affected.
05:15 Because in the Universal Healthcare Law, all Filipinos will be included and will be given health benefits.
05:22 Philhealth will also implement a strict verification method so that the so-called bogus claims will not be found.
05:31 Naomi?
05:32 Thank you very much, Clazel Partilia.