^

Business

Privacy body starts probe into BDO hacking incident

Ramon Royandoyan - Philstar.com
Privacy body starts probe into BDO hacking incident
BDO said clients should also adjust their privacy settings and choose those who can see their information and posts.
Philstar.com / Irish Lising, file

MANILA, Philippines — The National Privacy Commission said Wednesday it is investigating a massive fraud that hit BDO Unibank Inc. which saw hundreds of the bank’s clients complaining about unauthorized transactions that siphoned out their money.

The probe started last December 11 and would also touch on the Sy-led bank's decade-old system — which is set to be replaced next year — to see if it was equipped with necessary defenses against cybercrimes, Privacy Commissioner John Henry Naga said in a statement.

But more importantly, Naga said the investigation would zero in on any violations of the Data Privacy Act. The online fraud — which happened amid the Christmas shopping season — affected close to 700 clients of BDO. The Philippines’ largest bank in total asset terms is now processing the reimbursements of compromised accounts.

"The NPC also looks into the relevance of BDO’s 10-year-old system to the alleged security incident and to determine whether sufficient technical, organizational, and physical safeguards were in place to prevent unauthorized disclosure of personal information that may have been contained in the system," Naga said.

The NPC noted that under their Rules of Procedure, a sua sponte investigation allows them to probe the cybercrime without the need for a formal complaint from the public or a third party.

Apart from BDO, the NPC also asked Union Bank of the Philippines to explain to the commission the incident after some BDO clients reported that their money were illegally transferred to a UnionBank account under the name "Mark Nagoyo" and were used to buy cryptocurrency. Both banks have been required to provide “additional information, documents, evidence, or witnesses,” as may be necessary for the investigation.

"NPC has been in constant coordination with both banks in relation to the sua sponte investigation of the security incident," Naga said.

For its part, BDO confirmed it is coordinating with authorities. The Bangko Sentral ng Pilipinas has formed a team to investigate the cybercrime. A central bank official said authorities have identified two to four hackers behind the online fraud.

"We will reach out as new information becomes available. In the meantime, we assure you that the Bank is working closely with authorities," Honey Reyes, senior assistant vice president at BDO, said.

BDO UNIBANK INC.

NATIONAL PRIVACY COMMISSION

UNIONBANK OF THE PHILIPPINES

Philstar
  • Latest
  • Trending
Latest
Are you sure you want to log out?
X
Login

Philstar.com is one of the most vibrant, opinionated, discerning communities of readers on cyberspace. With your meaningful insights, help shape the stories that can shape the country. Sign up now!

FORGOT PASSWORD?
SIGN IN
or sign in with
no session for state
no session for code
no session for id_token
no session for user