The Philippine Health Insurance Corporation (PhilHealth) suffered another data breach after recovering from the ransomware attack on its servers which occurred in September last year.
As revealed by a local media report, the breach was identified when a user was presented with the details of another individual while checking on self-contributions.
"Upon refreshing the page, the details of another account holder were displayed, an indication of unauthorised data exposure," the report said.
However, the Philippines Department of Information and Communications Technology's (DICT) Undersecretary for cybersecurity, Jeffrey Ian Dy, denied the claims of any cyber attack on PhilHealth servers this time.
He said the glitch was due to "bugs or coding errors, not cyber hackers and has been rectified."
The glitch has caused some disruption in the services, but the website is currently back to normal operation.
Unpaid claims
While the agency is facing criticism due to recurring data breaches compromising the personal information of its members, it seems to have mounting unpaid claims after the major cyber attack.
The Private Hospitals Association of the Philippines Inc. (PHAPI) is appealing to PhilHealth to settle the dues, including what PhilHealth owes to government hospitals.
PhilHealth president and CEO Emmanuel Ledesma Jr said they had already paid a total of 46.5 billion Philippine pesos (S$1.11 billion) out of the more than 100 billion Philippine pesos (S$2.39 billion) to both public and private hospitals.
He added that the earlier attack impacted the stakeholders’ receivables in September and October, but PhilHealth was able to release payments in November.
Ledesma also unveiled plans to launch cloud-based application system deployment, online filing for claims on a motion for recommendation and the adjustment module in a move towards automation.
PhilHealth said it will also implement the claims system override support or SOS this month to rectify bottlenecks in claims processing.
