The Department of Information and Communications Technology (DICT) confirmed on Thursday, Oct. 12 that the "suspects" responsible for the attack on the Philippine Statistics Authority (PSA) database are different from those who targeted the Philippine Health Insurance Corporation (PhilHealth).

"That one, I can confirm that it's different. The one in PhilHealth is with the Medusa," Department of Information and Communications Technology (DICT) newly appointed spokesperson, Assistant Secretary Renato "Aboy" Paraiso said during a press conference.

He added that, unlike the "sophisticated" and international group Medusa, the hackers behind PSA are local and amateurs.

"You're seeing right now is isolated [case]," Paraiso added.

However, PSA assured the public that the integrity of the national ID (Identification) and civil registry systems remained uncompromised.

READ:

https://mb.com.ph/2023/10/11/psa-probes-data-leak-national-id-civil-registry-unaffected-1

"The PSA strongly condemns this activity, and we will be working with all law enforcement agencies to apprehend the perpetrators," PSA said in a statement on Oct. 11.

RELATED STORY:

https://mb.com.ph/2023/10/12/psa-data-breach-highlights-urgency-to-provide-dict-confi-funds-to-fight-cybercrimes-gatchalian

DICT extends assistance to PhilHealth

In a statement on Oct. 12, DICT pledged to continue to assist PhilHealth and "improve its cybersecurity posture following a recent ransomware attack."

"The DICT, in coordination with PhilHealth, is still conducting a thorough investigation to determine the extent, kind, and number of data assets that were exposed to the surface and dark web," DICT said in a post.

Moreover, the country's ICT department suggested precautions for the public.

DICT urged the public to "change passwords and use strong and unique passwords that do not use personal circumstances like birthdays or names of next of kin; enable multi-factor authorization in your accounts; refrain from sharing personal information online; look out for phishing emails and do not click any link sent through a text message; and use different passwords for your various online accounts."

Furthermore, DICT asked the public to refrain from sharing suspicious links containing exfiltrated PhilHealth data.

"These may contain malware, and those found guilty of circulating said data could risk facing imprisonment or fines under the Data Privacy Act of 2012. The DICT urges the public to report the presence of the leaked data to relevant authorities such as the DICT, National Privacy Commission, and law enforcement agencies," DICT noted.

Following the hacking incident, DICT recommended that PhilHealth should enhance its cybersecurity measures.

These include ensuring PhilHealth's 100 percent compliance with the recommendations forwarded by the DICT's National Computer Emergency Response Team and upgrading PhilHealth's Information Security Incident Response Team into a Computer Emergency Response Team to adhere to international standards and capabilities.