Four months after the hacking incident, the Bangko Sentral ng Pilipinas (BSP) announced that it will sanction SM Group’s BDO Unibank and the Aboitiz-led Union Bank of the Philippines (UnionBank) for the unauthorized bank transfers during the December 2021 cybersecurity breach which victimized 700 BDO clients.
In a statement released on April 28, the central bank and its Monetary Board (MB) said that it has concluded its investigation into the hacking incident to sanction BDO and UnionBank “to ensure that both banks will swiftly address the issues.”
Moreover, the BSP noted that the incident and sanctions imposed on the involved entities will “emphasize the importance of continuously enhancing risk management systems involving cybersecurity, anti-money laundering, and combating terrorism and proliferation financing.”
“The sanctions also reinforce the need for banks to take a proactive stance in ensuring that their depositors are adequately protected,”
The hacking incident happened last December 9 where multiple BDO accounts were hacked by a scammer named “Mark D. Nagoyo”, who has multiple UnionBank accounts. The cybercriminal stole up to ₱25,000 thousand to ₱50,000 pesos per account.
In its own statement, UnionBank said it cooperated with BDO and the BSP over the investigation into the hacking incident and “with swift action we were able to help BDO recover a sizable amount so that it could return it to its customers.”
Moreover, UnionBank also added that “there were no monetary penalties” and that all the recommendations of the BSP to avoid similar incidents had been implemented.
“We are one with the BSP in pushing for stronger measures from banks against such fraudulent activities, towards creating a more secure digital financial environment for all,” – UnionBank.
In an interview with BitPinas last January, Arvie de Vera, Senior Vice President & Head, Fintech Business Group at UnionBank and now CEO of UnionDigital, assured that the bank will continue to serve the cryptocurrency community in the Philippines. (Read more: UnionBank Assures It’s Still the Most Crypto-Friendly Bank in the Philippines Amidst Reports of Account Closures on Social Media)
So far, BDO has not provided its statement about the sanction yet. However, following the incident last year, BDO has denied changing its terms and conditions for online banking stating that these have long been in place. This comes after online posts of BDO users reporting about a seemingly updated line in the bank’s electronic banking terms and conditions. The new line states that BDO “shall not be liable for any loss or damage” regarding the use of their online banking services from hacking or any other security breaches “with or without your participation.” (Read more: BDO Denies Changing Online Banking Terms Due to ‘Nagoyo’ Scam)
This article is published on BitPinas: BSP to Impose Sanctions on BDO and UnionBank over 2021 Hacking Incident
Disclaimer: BitPinas articles and its external content are not financial advice. The team serves to deliver independent, unbiased news to provide information for Philippine-crypto and beyond.