MANILA, Philippines – BDO Unibank on Tuesday, December 21, denied updating its terms and conditions with a liability clause after hackers stole funds from hundreds of depositors, saying that the clause has been present “for a long time.”

Posts about the clause made the rounds on social media, insinuating that the hacking prompted the Sy-led bank to state it is not liable for any losses arising from improper or fraudulent access to online banking accounts.

“Liability clause is a regular compliance in the banking industry. This has been part of the normal compliance for a long time. There was no added clause due to the recent incident,” BDO said in a statement on Tuesday, December 21.

Moreover, BDO emphasized that under the terms, which customers agreed to prior to the hacking, the bank is not legally liable for losses caused by such incidents.

“BDO made exceptions and shouldered the losses not caused by the clients to maintain good customer relationship even if the bank is not legally liable,” it said.

Earlier in December, hundreds of BDO clients lost money after hackers found vulnerabilities in the bank’s online platform.

The funds were then transferred to the Union Bank of the Philippines and were supposedly used to buy cryptocurrencies.

BDO is processing reimbursements for nearly 700 clients. Customers said they were asked to sign a quitclaim, or a document which states that they will not sue the bank due to the incident.

The Bangko Sentral ng Pilipinas said around two to four persons, who are neither BDO nor UnionBank employees, were identified in the hacking.

BDO has also identified the tech and web service involved in the hack, effectively stopping the bleeding.

Based on initial reports, customers were not victims of phishing scams, as they did not click on suspicious links or provide sensitive information through any website. – Rappler.com