Reports suggest that the Medusa ransomware group has started sharing compressed files that are claimed to be from PhilHealth. These files are in zip format and consist of 160 parts, each being 3,891MB or 622 GB. Additionally, there is a single file of 3.5GB, making the total file size available for download 625.5GB in zip format. Renzon Cruz, Principal DFIR Consultant at Unit 42 by Palo Alto Networks, and John Patrick Lita, CEO and co-founder of SOROS Securities Inc., have stated that the unzipped version of this file could exceed 1TB.
To put the size of 1TB into perspective, let’s consider a rough estimate. If we convert 1TB of data into a text file, assuming single-spaced text with a font size of 10 points, a legal-sized bond paper (8.5 x 14 inches) can hold approximately 1000 words. We estimate that 1000 words equal around 5000 bytes. Therefore, 1TB of text, equivalent to 1,099,511,627,776 bytes, would contain roughly 219,902,325 words, filling 219,903 legal-sized bond papers.
Similarly, if we convert 1TB of data into HD movies, assuming each 1080p movie is 4GB, 1TB of data could accommodate 256 movies.
However, please note that these estimates are not precise and can vary based on specific factors. The relationship between the number of words and bytes is a general rule of thumb and may not always be accurate, as it depends on the encoding used. Therefore, these estimates should be treated as approximations.
The size of the data being released by the Medusa ransomware group suggests that it potentially contains a significant amount of sensitive information, such as personal data, financial data, and medical records. While PhilHealth has not yet confirmed whether these files are indeed from their systems, they have advised their members to remain vigilant and take measures to safeguard their personal information.