MANILA, Philippines – The Bangko Sentral ng Pilipinas (BSP) confirmed that the hackers of nearly 700 BDO Unibank accounts have been identified.
Around two to four persons, who are neither BDO nor Union Bank of the Philippines employees, were identified, according to BSP Technology Risk and Innovation Supervision Department Director Melchor Plabasan.
“The real persons behind ‘Mark Nagoyo’ have been identified. I think BDO and UnionBank will definitely file charges if these persons allowed their accounts to be used for these fraudulent activities,” Plabasan said in an interview with The Chiefs on One News on Tuesday evening, December 14.
Plabasan added that these were individual account holders who opened their accounts just last October.
BDO has already identified the tech and web service involved in the hack, effectively stopping the bleeding.
Based on initial reports, customers were not victims of phishing scams, as they did not click on suspicious links or provide sensitive information through any website.
In a press briefing on Wednesday, December 15, UnionBank chief technology and operations officer Henry Aguda said they have since frozen the “fictitious accounts” linked to the hacking incident.
He also said they were able to identify “at least six” persons of interest.
“We’ve already identified persons of interest and we’ve already filed the necessary information with the PNP (Philippine National Police) and the NBI (National Bureau of Investigation). We will be providing the necessary information to them as well as to the BSP,” Aguda said.
Both BDO and UnionBank declined to give an estimate of how much the hackers got.
The funds from BDO clients were reportedly transferred to the UnionBank account of a certain “Mark Nagoyo.” The stolen funds were then supposedly used to acquire cryptocurrencies, according to sources of the Manila Bulletin.
BSP Governor Benjamin Diokno ordered a task force to probe the incident and come out with findings within 30 days.
BDO earlier said it is processing the reimbursement of close to 700 clients affected by the recent fraudulent transactions made online. – Rappler.com