top of page

PhilHealth cyberattack likely hit 'millions' of members - DICT

Metro Manila, October 10 ------ Millions of members have been affected by the cyberattack on the Philippine Health Insurance Corporation (PhilHealth), based on the analysis of the Department of Information and Communications Technology (DICT). During the agency's event for Cybersecurity Month, DICT Usec. Jeffrey Dy did not give a specific figure, but he described the number of affected to be "significant" and in the "millions." "Unfortunately, it’s significant. It’s not the entire database, but it’s still significant," Dy said. He did emphasize, though, that the number could decrease after duplicated files were discovered.

The DICT is 90% done with its investigation on stolen data, which has now been reportedly published on the dark web and messaging app Telegram. The illegally obtained data amounted to around 700 gigabytes or over 420,000 files. PhilHealth could not directly confirm the report. “I cannot ascertain ano po given that we do not have that capability to look into the files dumped by the attackers to the web,” PhilHealth Acting Vice President for Corporate Affairs Rey Balena said Monday. "Hindi natin dini-discount ‘yung possibility na meron talagang lumabas na na-leak na personally identifiable na information of our members,” he added.

The National Privacy Commission (NPC) is working with the National Bureau of Investigation (NBI) to take these down from the application and run after those who have downloaded the files for violating the Data Privacy Act. Hackers may face up to 20 years in prison and any individual or entity found downloading, processing, or sharing the stolen data will be held accountable for unauthorized processing of personal information and could also face criminal charges. Authorities said information can no longer be recovered and may be sold to scammers and phishers. “Babala po sa ating mga kababayan mag-ingat po dahil ‘yung mismong information ginagamit ng cybercriminals na bait for you to click on it in order to enter your system,” DICT Secretary Ivan Uy said.

While PhilHealth said its public-facing platforms are back to normal, including its website, member portal and e-claims system, investigators are trying to determine the origin of the attack, including possible liabilities of PhilHealth personnel. “We are looking at the possible gaps sa security that led to this hacking. We're looking at responsibilities ng bawat [every] official, department, to see kung meron bang naging [if there is] negligence,” NPC Complaints and Investigation Division Chief Michael Santos.

The state-run health insurer said it has not received complaints from its members related to the cyberattack, as it called on the public to email them at:, The DICT also renewed its call to increase funding for cybersecurity, following the recent hacking and data breach incidents.



bottom of page