PhilHealth hit by Medusa ransomware, DICT restores system

Updated THU · SEP 28, 2023 · 6:01 PM

PhilHealth fell victim to a Medusa ransomware attack on Sept. 22, with hackers demanding $300,000 in exchange for decryption keys.

The attackers infiltrated PhilHealth's systems, stole sensitive data, and used the Medusa trojan to encrypt files.

DICT is restoring PhilHealth's DNS server and investigating the incident, while PhilHealth has been operating manually since the attack.

PhilHealth will not pay the ransom and aims to restore its systems by Sept. 27.

This story was generated by AI to help you understand the key points. For more detailed coverage, please see the news articles from trusted media outlets below.

Topics in this story

Explore more stories about these topics

PhilHealth DICT

PhilHealth hit by Medusa ransomware, DICT restores system

Topics in this story

[EXPLAINER] Medusa attack against PhilHealth: A wake-up call for gov’t agencies

DICT restoring PhilHealth systems affected by ransomware

DICT: Restoration of ransomware-hit PhilHealth system underway

PhilHealth system may be restored on Sept. 27 after ransomware attack: exec

PhilHealth says 72 workstations affected by Medusa ransomware

Privacy watchdog summons Philhealth for probe on ransomware attack

PhilHealth won't pay 'ransom' after cyber attack