The Bangko Sentral ng Pilipinas said it is now looking into reports of hacking involving Banco de Oro and UnionBank of the Philippines (UBP) following “the surge in complaints posted in social media platforms.”
“We are in close coordination with BDO as well as UBP on this incident to ensure that remedial measures are being undertaken, including reimbursement of affected consumers,” said BSP Governor Benjamin Diokno on his official social media account.
“Rest assured that we continue to collaborate and engage stakeholders to ensure the safety and integrity of the financial system as well as the protection of financial consumers.”
The BSP has been monitoring the surge in complaints posted in social media platforms since the early part of this week. We are in close coordination with BDO as well as UBP on this incident to ensure that remedial measures are being undertaken,— Benjamin Diokno (@GovBenDiokno) December 12, 2021
Diokno also posted a tweet in uppercase that read, "BSP WILL DO EVERYTHING TO ENSURE THE SAFETY AND INTEGRITY OF THE FINANCIAL SYSTEM AS WELL AS THE PROTECTION OF FINANCIAL CONSUMERS."
Some BDO users have posted on social media anomalous activities involving their accounts, with one user reportedly losing as much as P50,000 in the unauthorized transaction. These BDO clients reportedly deposited tens of thousands of pesos to a UnionBank user going by the name "MARK NAGOYO."
Some of these BDO clients, meanwhile, have been seeking redress in a public Facebook group named "MARK NAGOYO BDO HACKED."
The group has over 2,900 members as of writing.
BDO, meanwhile, said it's aware of the "sophisticated fraud technique" that has affected some of its clients.
"We assure you that we have already implemented additional security controls to block further attempts and to continue to protect bank credentials," BDO said in a statement on Dec. 12.
"Cybersecurity is a focal point of the banking sector," BDO said. "While we have put back-end measures in place, we appreciate our clients' continued vigilance to combat fraud."
The bank also required BDO Online app users to update their passwords upon logging in.
UnionBank, in a separate statement, said the company "is collaborating closely with BDO with their investigation of recent fraudulent activites and have already taken immediate action on identified accounts."
"We are likewise working with law enforcement agencies and will not hesitate to take the appropriate legal action against individuals who use their accounts to facilitate criminal activities," UnionBank said.
"We urge the public to remain vigilant and informed. Please change your passwords regularly, refrain from sharing your OTPs and other sensitive financial data, and be wary of messages, whether through email or SMS, that come from unknown sources."