Six out of eight external systems of the Philippine Health Insurance Corporation (PhilHealth) that had been affected by a Medusa ransomware attack were up and running on Thursday, the agency’s spokesperson said.
Dr. Israel Francis Pargas said these include the website, members portal, e-claims portal, electronic premium remittance system, and the electronic PhilHealth acknowledgment receipt.
“Tonight, we are hoping to bring out the two remaining systems. So for the external system, hopefully, 8 out of 8 will be working. We (should be) up and about by tomorrow [Friday],” Pargas told ABS-CBN News last night.
“For our internal systems, we are just checking and scanning all our computers and all our systems just to make sure that all are free ofall viruses,” he added.
PhilHealth admitted that it does not disregard the possibility that hackers could have gained access to membership data and records.
From what has been posted online by the hackers, Pargas noted that most of these documents came from the workstations of PhilHealth employees, some of whom have access to the members’ database.
Meanwhile, Rep. Ray T. Reyes of AnaKalusugan party-list group wants PhilHealth to be held liable for failing to protect the personal information of its members.
Reyes, vice chair of the House Committee on Health, also scored PhilHealth officials for blaming government procurement rules for its failure to update its antivirus systems.
“Someone must be held accountable for the hacking and data leak at PhilHealth. They should quit their posts if they can’t competently follow guidelines that were meant to ensure integrity in government transactions,” Reyes said.
“Blaming the procurement rules just shows a failure of leadership in PhilHealth and the lack of importance they place in protecting members’ data. Antivirus software is subscription-based and can be easily procured with basic planning and management,” he added.
PhilHealth executive vice president and chief operating officer Eli Santos earlier said PhilHealth failed to update its antivirus system due to “procurement issues” and “a strict compliance of rules and regulations.”
The lawmaker also slammed PhilHealth for its conflicting statements and lack of transparency during the breach.
Former PhilHealth director Dr. Anthony Leachon said the cyberattack at the state insurer deserves a congressional hearing to avert future cyber attacks not only for the DOH but for the entire government.
He sounded alarm that the attack had jeopardized the whole national insurance system, and also blamed the attack on gross negligence on the part of PhilHealth leadership.
Meanwhile, the Department of Budget and Management’s Government Procurement Policy Board, through its Technical Support Office (GPPB-TSO) responded to PhilHealth EVP Santos’ claims.
“Please note that the rules set by the Government Procurement Policy Board (GPPB) through Resolution No. 05-2022, which EVP Santos cited as cause for such failure, pertains ONLY to online subscriptions where there is no locally available provider and can ONLY be directly purchased online using a credit card, subject to the issuance of a certification by the Head of the Procuring Entity (HoPE) that it is the more expeditious and inexpensive mode of payment as required by COA Circular No. 2021-014,” it said.
As PhilHealth said, it has an existing contract with a locally available supplier, which, therefore, means that the cited GPPB Resolution will not apply, the GPPB-TSO said.
“Hence, PhilHealth is authorized to conduct Public Bidding or adopt any of the alternative methods of procurement, as may be applicable, depending on their project requirements, or, at their option, avail the Guidelines on the Renewal of Regular and Recurring Services issued through GPPB Resolution No. 06-2022,” it said.