cybersecurity

Inside job? Bangko Sentral, BDO still uncertain how much hackers got

Ralf Rivas
Inside job? Bangko Sentral, BDO still uncertain how much hackers got

Shutterstock

The Bangko Sentral ng Pilipinas forms a task force to determine the extent of the hacking, as well as possible penalties for BDO

MANILA, Philippines – The Bangko Sentral ng Pilipinas (BSP) formed a task force to investigate the hacking incident involving Sy-led BDO Unibank, the country’s largest bank.

So far, they have yet to determine how much hackers got from customers. BSP Governor Benjamin Diokno said it would take a complex forensic investigation to determine the amount and the number of affected customers.

Diokno also said the hack was likely made possible due to a 10-year-old BDO service due for phaseout in 2022.

The task force, which includes BSP Deputy Governor Chuchi Fonacier, BSP Technology Risk and Innovation Supervision Department Director Melchor Plabasan, and the Anti-Money Laundering Council, will also determine possible penalties for BDO.

The BSP chief acknowledged claims of customers that they neither clicked links nor were asked to supply sensitive information prior to the hack.

“They (BDO) have assured us, however, that affected customers shall be duly reimbursed for the losses and we will make sure that this happens as soon as possible,” Diokno said on Monday evening, December 13.

Must Read

BDO clients lose money due to alleged online banking hack

BDO clients lose money due to alleged online banking hack

In an interview with TeleRadyo, Diokno said the incident may have been an inside job.

“I’m sure may kasabwat ‘yan sa loob kasi given the extent of the hacking, marami kasing kaso na sabay-sabay. Sa palagay ko, mayroong inside [job],” he said.

(I’m sure somebody from inside the bank was involved due to the extent of the hacking, lots of cases happened simultaneously. So I think it’s an inside job.)

BDO has yet to come out with an update regarding the incident.

The funds from BDO clients were reportedly transferred to an account of a certain “Mark Nagoyo” in Union Bank of the Philippines. The stolen funds were then supposedly used to acquire cryptocurrencies, according to sources of the Manila Bulletin.

In Filipino, the word “nagoyo” means to make a fool out of someone. – Rappler.com

Ralf Rivas

A sociologist by heart, a journalist by profession. Ralf is Rappler's business reporter, covering macroeconomy, government finance, companies, and agriculture.