42M people affected by cyberattack on PhilHealth

FORTY-TWO million people were affected by the cyberattacks on the data systems of the Philippine Health Insurance Corp. (PhilHealth) last year, the National Privacy Commission (NPC) told the House Committee on Appropriations on Monday.

During the continuation of the committee's oversight meeting on the budgetary performance of the Department of Health (DoH) and PhilHealth for the first quarter of 2024 and prior years, Marikina City 2nd District Rep. Stella Luz Quimbo asked how many people were affected.

«As of now, we're cleaning 42 million records,» NPC Director Maria Theresita Patula said.

«So those are individuals?» Quimbo, a vice chairman of the committee, asked in Filipino and English; Patula said yes.

Patula said it was PhilHealth's primary responsibility to inform each of those affected of the extent of the breach and how they can protect themselves from cyberattacks.

PhilHealth Chief Operating Officer Eli Santos said the agency «implemented measures to inform the data subjects affected.»

The committee asked PhilHealth to submit by Wednesday a status report on how many of the 42 million affected know, as of July 8, how the breach was made, the data involved, the possible risks, and how they will protect themselves.

Another resource person told the committee that PhilHealth had been provided a way to help in the early detection of a breach attempt.

Santos said PhilHealth experiences hacking attempts daily, «but the current system… prevents such attacks from happening again.»