Style Living Self Celebrity Geeky News and Views
In the Paper BrandedUp Hello! Create with us Privacy Policy

BSP says recent bank hacking issues may be an 'inside job'

Published Dec 14, 2021 1:21 pm Updated Dec 14, 2021 2:58 pm

Bangko Sentral ng Pilipinas Governor Benjamin Diokno said the recent hacking incidents involving Banco de Oro and UnionBank of the Philippines may have involved someone inside the bankss

“I’m sure may kasabwat yan sa loob,” Diokno said in a Dec. 14 interview with DZMM Teleradyo’s Kabayan. “Even the extent of the hacking, marami kasing kaso na sabay-sabay e di ba. Sa palagay ko mayroon yan inside, pero we leave it to the two banks to investigate and kami rin nag-iinvestigate.”

The hacking complaints surfaced on social media around Dec. 11-12, as some bank BDO clients said their accounts made unauthorized transfers to a UnionBank account that went by the name of “Mark Nagoyo.” The BSP as well as BDO and UnionBank have since stated that they are investigating the hacking, with BDO saying that the bank will recover whatever amount is lost by their clients.

Diokno said that the perpetrator likely took advantage of a vulnerability in the system that was exposed when BDO began migrating to a new system.

“Usually ganiyan ang nangyayari when you transition from the old system to a new system. Mayroon somebody from the inside na natitignan ung weaknesses nung sistema, na nasisingitan sila, nangyayari usually yang ganiyan,” said Diokno.

Diokno said that the BSP will also make sure that affected clients will recover their money. At the same time, Diokno said that banks should continue to invest in better technology to make their system more resilient.

In a Dec. 14 statement, BDO said it has been "processing the reimbursement of close to 700 clients affected by the recent online fraudulent transactions."

"We have requested our clients to go to their branch of account and submit documentation to get the refund. The Bank will shoulder the losses perpetuated by this cybercrime incident," BDO said.

PhilSTAR L!fe reached out to BDO for a reaction to Diokno’s comment, but the bank said they have no updated statement thus far from the previous one that was released. BDO has said that it is "continuously investing and working towards improving our security infrastructure to protect our clients’ money.”

UnionBank, meanwhile, said that “as one of the receiving banks for this incident we are coordinating and working closely with BDO. We have already identified the accounts that BDO sent us for investigation and immediately put a freeze on these accounts.”

Diokno, though, noted that it is virtually impossible to protect consumers “100%” today due to the increase in digitalization. Diokno also urged everyone to practice good cyber hygiene by periodically updating passwords.

How to create secure passwords

The pandemic, which has spurred people cooped up at home to increase their digital transactions, has also helped fuel cyber attacks. Here are some tips from a cybersecurity expert on how to create a strong password:

  1. Set a multi or dual factor authentication,
  2. Change your password every three months,
  3. Create lengthy and complex passwords,
  4. Avoid birthdays, anniversaries, names of parents, siblings or children,
  5. Have different passwords for different accounts

Watch the video below on how to lessen the risk of hacking.