Was BPI hacked? Unlikely, but cybersecurity still a major concern
It's unlikely that the Bank of the Philippine Islands (BPI) was hacked, but a recent spate of unusual account fluctuations serves to underscore the need for public vigilance in a country that has been historically lax in its cybersecurity.
A number of BPI clients awoke early Wednesday, June 7, to find that the balances of their accounts had inexplicably changed, causing panic over fears of a possible cybersecurity breach.
The bank has since assured its clients that the fluctuations are due to a system glitch, and that all accounts will be restored within 24 hours.
The nature of the glitch
BPI did not answer GMA News Online's inquiries on the specifics of the glitch as of posting time.
However, the evidence seems to corroborate BPI's claim.
"The symptoms of the incident point towards an error in the bank's automation. With some people saying that their accounts are being flooded with money and others saying that their accounts lost money, an error in batch processing appears to be the most likely cause," Democracy.net.ph co-founder and cybersecurity advocate Pierre Tito Galla told GMA News Online.
But this is not to say that cybercriminals can't capitalize on the situation.
Taking advantage of public panic
Phishing and spoofing attempts—that is, hackers trying to steal your password by masquerading as an official email or website—have always been around, but are particularly primed to take advantage of a panicked public.
Moreover, BPI clients agonizing over their life's savings are less likely to spot fake emails and websites in their eagerness to secure their funds.
It's highly likely that hackers have taken advantage of BPI's public relations crisis in just this way, according to Galla.
Caution urged vs. phishers
"Cybercriminals can exploit the situation by sending phishing emails pretending to be BPI, and thus steal identities for later theft and exploitation. Alternatively, 'honeypot' sites, such as those where complaints are encouraged to be made and thus personal data are collected, can be another method," he explained.
"There are few limits in the imagination of a cybercriminal," Galla underscored.
He said that the public can and should consult with government agencies such as the Cybercrime Investigation and Coordinating Center (CICC), the National Privacy Commission (NPC), the National Bureau of Investigation's Cybercrime Division (NBI-CCD), and the Philippine National Police's Anti-Cybercrime Group (PNP-ACG) should they fear that their accounts have been compromised. — GMA News