MANILA (UPDATE)- At least 5 people, including two Nigerians, have been arrested for their alleged involvement in the massive BDO hacking incidents, the National Bureau of Investigation (NBI) said Friday.
The arrested individuals were part of the "Mark Nagoyo Heist Group," which was identified as the group behind the BDO hacking incidents that affected over 700 customers, NBI said in a statement.
NBI officer-in-charge Director Eric Distor named the individuals but ABS-CBN News is withholding their names until formal charges are filed.
The 2 Nigerian nationals were arrested in an entrapment operation conducted by the NBI-Cybercrime Division in Mabalacat, Pampanga on Jan. 18, the agency said.
Meanwhile, another subject was arrested by operatives in a buy-bust operation in Floridablanca, Pampanga for selling scampages or phishing websites, the NBI said, adding that an informant said he was "one of the masterminds behind Mark Nagoyo heist."
He was also allegedly involved in phishing pages copying GCash wallet as well as phishing emails, the NBI said.
The other two were believed to be involved in the hacking as web developer and downloader, the NBI said.
"The operation stemmed from an information provided by the informant who had transactions with the subjects," the statement said.
"The informant voluntarily appeared before the NBI-CCD to give information regarding several individuals believed to be leaders, members, or affiliates of Mark Nagoyo group," it added.
An NBI informant said the arrested subjects were engaged in the business of providing access devices for cash out options for funds that were illegally obtained, including bank accounts, crypto wallets or even point-of-sale terminals of otherwise legitimate merchants.
BSP WELCOMES ARREST
The Bangko Sentral ng Pilipinas (BSP), in a statement, hailed the NBI for their "swift action" that led to the arrest of the individuals tagged in the incident.
BSP added that they would continue working together with banks and stakeholders for the security of digital services and to "ensure the successful prosecution of the cyber criminals."
"This will be instrumental in upholding public confidence in the financial system as cyberthreat actors will now think twice before violating the law," the statement read.
Several BDO customers earlier complained of fraudulent transactions or unauthorized withdrawals from their accounts which were sent to a certain Mark Nagoyo.
Based on initial reports, the perpetrators were able to access bank accounts, even bypassing the one-time PIN required.
BDO earlier said it would reimburse funds lost in these fraudulent incidents.
-- with a report from Johnson Manabat, ABS-CBN News