While it is commendable that PhilHealth is now being transparent about the cyberattack, it is concerning that their DPO and action center utilized email addresses with @gmail.com domains for their official functions.
According to the countdown timer on the Medusa blog on the dark Web, the files they supposedly exfiltrated from PhilHealth's systems will be released on October 3 Philippine time if the $300,000-ransom is not paid in cryptocurrency.
While the project aims to protect citizens by identifying the owners of SIM cards spreading scams, it does the opposite to Filipino mobile subscribers: exposing them to further risks such as number scraping attacks.
Despite claims of having full control over its official Twitter account, the Department of Health (DOH) still has a tweet up promoting the cryptocurrency Ethereum.
Earlier this week, subscribers of PLDT and Smart found out that their ISP was blocking chng.it, the URL shortener of the petition site Change.org, without warning.
A security researcher who analyzed the leaked files found that a Philippine data set contained over 899,000 entries, larger than the popularly reported figure of 879,699.
The official Instagram account of the Presidential Communications Operations Office (PCOO) with the handle @pcoogov has been hacked, with the previous 155 posts deleted and replaced with two camel-themed videos which were timestamped Tuesday, January 7.