THE Department of Information and Communications Technology (DICT) said it is still working to determine the extent to which Philippine vaccination data were compromised by a hack on World Health Organization (WHO) databases.

“The WHO would have to reply to us and give us access (before we can investigate). We’re just waiting for the report and the disclosure from the WHO,” Information and Communications Technology Assistant Secretary Renato A. Paraiso told BusinessWorld by phone on Tuesday.

The WHO holds information compiled during the various countries’ coronavirus vaccination drives.

“We reached out to (the WHO) but there are no formal talks. It would really be up to the WHO to disclose whether this particular breach actually happened,” Mr. Paraiso said.

The scale of compromised data is still being determined, he said, adding that the DICT’s priority for now is to confirm the breach and whether Philippine vaccination records were compromised.

“We can confirm that there was a data dump and apparently it was ascertained that it was from the WHO, not from any other source,” he added.

Digital Pinoys national campaigner Ronald B. Gustilo said the alleged breach should serve as a warning to the government to ensure that its agencies are adequately protected from cyberattack.

“If the government fails to equip our agencies with the necessary funding to implement a strong cybersecurity infrastructure, we should expect more cyberattacks in the future,” Mr. Gustilo said. 

Various government agencies have reported cyberattacks this year alone, including the Philippine Health Insurance Corp. (PhilHealth), which was hit by Medusa ransomware which exposed more than 600 gigabytes worth of member data. — Ashley Erika O. Jose