STATEMENT ON REPORTED CYBER INCIDENT
March 29, 2023
We received on 27 March 2023 unverified information of Intellicare being included in the list of companies across the globe targeted by a hacker group known as CLOP/CL0p. According to various sources, this group took advantage of a zero-day vulnerability found in GoAnywhere Managed Transfer Solution, a tool owned by a third-party service provider, Fortra, and used by many companies in the Philippines and abroad. Intellicare has this tool.
We take these reports very seriously, thus, the prompt activation of our Security Incident and Data Breach Response Plan to thoroughly investigate this matter. We are coordinating already with Fortra, simultaneous with the disconnection of GoAnywhere from our systems as early as Monday, 27 March 2023.
At this time, we have no evidence suggesting a breach has occurred nor is there demonstrable proof that customer data has been exfiltrated. We are taking every measure to protect your data and we have strengthened further our security protocols to safeguard our systems with the help of our third-party information security experts. We have also deemed it important to report this incident voluntarily with the National Privacy Commission.
We will continue to monitor the situation closely and provide updates as necessary. A dedicated support team has also been deployed. You may email us at dpo@intellicare.net.ph.
May we further seek your patience and understanding as we learn more about the situation.