MANILA (3rd UPDATE) — The Bangko Sentral ng Pilipinas (BSP) said Sunday it is working with BDO and Union Bank of the Philippines (UBP) following complaints on social media about accounts allegedly being hacked.
In a statement, the BSP said it had been monitoring complaints since early last week.
"We are in close coordination with BDO as well as UBP on this incident to ensure that remedial measures are being undertaken, including reimbursement of affected consumers," it said.
In a Twitter post, BSP Governor Benjamin Diokno vowed that the central bank would "do everything to ensure the safety and integrity of the financial system as well as the protection of financial consumers."
In a statement, BDO said it was aware of the fraud technique that affected its clients, assuring that it was taking "additional security controls to block further attempts and continue to protect bank credentials."
The bank said it would also reimburse the losses of its affected clients.
BDO added it advised online banking users to update their passwords as a measure to prevent fraudsters from accessing accounts.
BDO is looking into each case and will respond to those affected, it said in a statement, while Edwin Bautista, the president of Unionbank, told Reuters its clients were among the banks that received funds from BDO accounts.
Fewer than 10 Unionbank accounts that received funds from BDO accounts had already been frozen, Bautista said, adding that the bank was taking legal steps against users who permit use of their accounts for criminal activities.
The banks have not yet been able to estimate how much was diverted.
Criminals have occasionally targeted the Philippines' banking system.
Meanwhile, the Bankers Association of the Philippines called on the public to be even more vigilant in light of the recent cybercrime incidents.
BAP President Jose Arnulfo Veloso reminded everyone not to give their personal information, such as the one-time password, to other people, as this can prevent cybercriminals from stealing money.
He also assured the public that banks are doing their part in ensuring that their clients are safe from any form of cybercrime.
"Whenever you encounter a cybercriminal, immediately report it to your respective banks and the police. This is so we can work together to take down cybercriminals, such as the fake bak websites they are using to trick others," Veloso said in a statement.
In 2016, accounts at Manila-based Rizal Commercial Banking Corp received $81 million stolen by unknown criminals from the account of the Bangladesh central at the Federal Reserve Bank of New York, before it vanished into Philippine casinos.
The thieves used fraudulent orders on the SWIFT payments system to execute their heist.
- with a report from Reuters