Sen. Mark Villar wants probe on PhilHealth cyberattack

Senator Mark Villar has filed a resolution urging the Senate to investigate the cyberattacks on the websites of the Philippine Health Insurance Corporation (PhilHealth) and other government agencies.

“The incidents of hacking government websites significantly affect the trust and confidence of the public and require the Senate’s investigation as a matter of economic and national security concern,” Villar said in proposed Senate Resolution 811.

He specifically cited the September 22 incident where a ransomware was launched on the PhilHealth website by the Confucius group and demanded $300,000 for them not to expose the data which they illegally obtained.

The compromised data reportedly includes confidential information of Filipinos, such as names, addresses, contact information, and medical records, as well as internal memos and memoranda from PhilHealth officials.

“This incident has exposed the vulnerability of the agency’s data security measures and emphasized the importance of a fortified cybersecurity measure especially in sectors dealing with sensitive public data,” Villar said.

Apart from the incident on the PhilHealth website, Villar cited the hacking of the internal computer system of the Office of the Ombudsman in September 2023, the alleged breach against the National Bureau of Investigation and the Philippine National Police database containing sample photos of IDs, and PNP and NBI clearances last February 2023, the attacks against he Facebook pages of various government agencies, the supposed data breach in the Commission on Elections last March 2016, and the attack against the main Philippine government portal “gov.ph” in 2021, among others.

In a separate statement, Villar condemned the recent hacking of the PhilHealth website, saying this is not only a huge case of information theft but a part of an “extensive attack against public health and welfare” as these attacks compromise the medical information of the state insurers’ members.

“Ang cyberattack laban sa PhilHealth ay hindi lamang atake laban sa isang institusyon ng gobyerno. Ito ay atake laban sa bawat indibidwal na miyembro ng PhilHealth at sa kanilang karapatan sa secured at accessible na tulong medikal,” the neophyte senator said.

(The cyberattack against PhilHealth is not only an attack against one government institution. This is an attack against every individual member of PhilHealth and their right to secure and accessible healthcare.)

“It is high time that we strengthen our cyberspace security as we are dealing with private and delicate information that could endanger, not just of one institution, but of the general Filipino public,” he added.

Philhealth said a total of 72 workstations have been affected by the cyber attack. 

“According to our initial investigation, there were around 72 workstations that were affected and ‘yun pong ating mga system na naapektuhan (the systems affected) is, of course, our website, our e-claims system, our member portal, and our collection system,” said PhilHealth senior vice president Dr. Israel Francis Pargas. —VAL, GMA Integrated News