A PHILIPPINE senator has filed a resolution that seeks to probe a recent ransomware cyberattack on the Philippine Health Insurance Corp. (PhilHealth) website, saying it risks the private information of its members.

“The cyberattack against PhilHealth is not just an attack against a government institution, this is also an attack against every member of PhilHealth and their rights to have secure medical assistance,” Senator Mark A. Villar, who filed Senate Resolution 811, said in a statement.

“It is high time that we strengthen our cyberspace security as we are dealing with private and delicate information that could endanger, not just of one institution, but of the general Filipino public,” he added.

The Department of Information and Communication Technology (DICT) earlier said PhilHealth’s website and database had been attacked by Medusa ransomware, which encrypts files and demands payment in exchange for the data.

The hackers of PhilHealth’s website were demanding $300,000 (P17 million) from the government, it said.

In a separate statement, the National Privacy Commission (NPC) said it would probe the cyber-attack and has asked PhilHealth to provide a complete report of the incident in the next two days.

“The NPC is dedicated to ensuring the privacy and security of personal data for all citizens,” it said. “Rest assured, we will keep the public informed of developments in this matter as they become available.”

The Philippines topped the list of countries affected by cyber-attacks in Southeast Asia this year, according to a Sept. 20 report by cyber-security firm Palo Alto Networks.

The Philippines ranked 42nd out of 250 countries that were most affected by data breaches in the first quarter, with 48,747 leaked accounts, virtual private network service provider Surfshark said in a May report. This was down by 78.5% from 226,970 in the fourth quarter of last year.

Global cybersecurity firm Kaspersky said in a report on April 17 web attacks targeting entities in the Philippines rose to 492,567 in 2022 from 382,940 a year earlier.

The NPC earlier told senators it needed a budget of P510 million next year to boost its capacity to probe data breaches.

The Philippines ranked second in countries most attacked by web threats last year, NPC Commissioner John Henry D. Naga told a Senate hearing on Sept. 19., citing a separate report from Kaspersky.

The country accounted for 49.8% of the attacks recorded, which were based on web-based cyberthreats detected and blocked by Kaspersky’s security software.

Senate President Juan Miguel F. Zubiri earlier said the Senate plans to boost the intelligence funds of agencies such as the National Intelligence Coordinating Agency (NICA) and National Security Agency (NSA) to prevent cyberattacks. — J.V.D. Ordoñez