BDO Unibank Inc. said Tuesday it was processing the reimbursement of nearly 700 clients affected by the recent online fraudulent transactions.
In its statement, BDO said: “We have requested our clients to go to their branch of account and submit documentation to get the refund. The bank will shoulder the losses perpetuated by this cybercrime incident.”
BDO said it was working closely with the appropriate authorities and the Bangko Sentral ng Pilipinas to prevent further occurrence.
Bangko Sentral ng Pilipinas Governor Benjamin Diokno said he wanted to know as soon as possible the results of investigations on the reported hacking incidents of several BDO’s online banking accounts.
Diokno said in a briefing Monday night a task force was formed composed of cyber and anti-money laundering specialists and legal officers to determine the root cause and possible control lapses involving the incident.
“Guided by relevant laws and regulations, penalties and/or sanctions may be imposed depending on results of the examination and I have instructed that recommendations should be submitted within 30 days,” Diokno said.
Diokno said BDO, the largest lender in the country controlled by the Sy family, confirmed in its statement that the incident emanated from a 10-year-old service that was due for phase out early next year.
“What we also know is that some affected customers reported they did not click any links nor were they asked to supply sensitive information, so we are in close coordination with BDO and we’ll update the public on this matter,” Diokno said.
Diokno said BDO took some initial steps to manage what it identified as “sophisticated fraud technique” affecting their clients.
He said getting to the bottom of this would entail a complex cyber forensic investigation to determine the actual number of affected customers and how much they lost from the fraud.
“They have assured us, however, that affected customers shall be duly reimbursed for the losses and we will make sure that this happens as soon as possible. The BSP will also investigate this incident to identify vulnerabilities and non-compliance with expectations in managing cyber and anti-money laundering related risks,” Diokno said.
Diokno said the task force would be led by Chuchi Fonacier, the BSP deputy governor of the financial supervision sector, which is mainly responsible for the regulation of banks and other BSP-supervised
Meanwhile, Sen. Sherwin Gatchalian urged banking institutions Tuesday to be proactive in preventing potential hacking problems.
He cited the need for increased vigilance on online transactions, especially if there’s an apparent surge during wee hours, weekends, and holidays when most cyber criminals carry out their nefarious activities.
“Banks should be vigilant especially on suspicious transactions during wee hours. They should consider ‘red flags’ that these are being done by scammers or hackers,” he said.
BDO bank account holders who were victimized last weekend of unauthorized transactions have taken to social media their experiences of apparent online banking breach and had their cash transferred to a Union Bank account under the name of a certain Mark D. Nagoyo.
While the BSP already assured the public that it was coordinating with the concerned banks to ensure that the affected clients are reimbursed, increased vigilance could have prevented the large scale of victims, Gatchalian said.