BSP and Financial Institutions Take a More Vigilant Stance Following Recent Banking Hack

Following the recent claims of some bank customers being hacked and losing some of their funds, the Bangko Sentral ng Pilipinas (BSP) is currently probing the case to remedy the issue. The central bank is also actively engaging with affected banks including BDO Unibank Inc. and UnionBank of the Philippines, Inc. in line with the case and is looking into the possibility of reimbursing those who were hacked.

“The BSP will do everything to ensure the safety and integrity of the financial system as well as the protection of financial consumers,” assured BSP Governor Benjamin Diokno. The institution is also closely monitoring social media given the “surge” in complaints earlier this week.

According to BDO, a “sophisticated” fraud technique was utilized to carry out the hack, and they have enforced additional safety measures to mitigate similar instances from happening in the future. “We assure our affected innocent clients that we will reimburse their losses,” it added.

Certain users on Facebook believed to be BDO customers have been posting screenshots of fund transfers made from their accounts into UnionBank accounts, which are said to be unauthorized. UnionBank President and CEO, Edwin Bautista has also said that some of these flagged accounts have been frozen.

“Several accounts have been frozen and investigated. We will not hesitate to take legal action against individuals (that) use their accounts to facilitate criminal activities,” claimed Bautista. Funds from the frozen accounts that are proven to have been stolen will be returned to BDO “after due investigation.”

According to the social media posts, the funds were transferred to the UnionBank account of an individual named Mark Nagoyo. Henry Roel Aguda, the Chief Technology and Operations Officer of UnionBank, believes this could very well be a false name that is being used by the person or group involved.

“I can assure you Mark Nagoyo is not an account holder of UnionBank. When you use InstaPay, you have to use a name, and sometimes it’s fictitious. But we’re trying to investigate right now.”

UnionBank is also coordinating with other financial institutions for the funds that were transferred outside of their own bank. In light of the recent hack, the Banking Association of the Philippines (BAP) President Jose Arnulfo Veloso has advised the general public to be wary of cybercrimes and to always keep their personal information confidential.

“Whenever you encounter a cybercriminal, immediately report it to your respective banks and the police. This is so we can work together to take down cybercriminals, such as the fake bank websites they are using to trick others,” explained Veloso.

BDO has also required all of its online banking users to update their passwords in response. “We at BDO are continuously investing and working towards improving our security infrastructure to protect our clients’ money. While we have put back-end measures in place, we appreciate our clients’ continued vigilance to combat fraud.”

Banking fraud volumes have tripled this year compared to 2019 with losses possibly amounting to ₱1 billion, according to BAP Cybersecurity Committee Vice-Chair Ramon Jocson. The BSP is getting ready to implement issue regulations on fraud management systems of financial institutions in an effort to bolster their cybersecurity measures claimed BSP Deputy Governor Chuchi Fonacier.

“With the rise in cyber-related incidents, supervised banks and financial institutions are expected to employ more robust systems to protect their data and operations for continuous delivery of financial products and services,” said Fonacier.

Source: BusinessWorld