‘Data breach’ sa BDO hacking incident sinisilip ng NPC

‘Data breach’ sa BDO hacking incident sinisilip ng NPC

December 23, 2021 @ 7:40 AM 1 month ago


MANILA, Philippines – Tinitignan ng National Privacy Commission (NPC) ang posibilidad na personal data breach ang dahilan ng unauthorized transactions para makuha ang pera mula sa daan-daang BDO Unibank (BDO) depositors.

Sa isang kalatas, sinabi ni NPC Commissioner John Henry Naga na sinimulan na ng Complaints and Investigation Division ng NPC ang imbestigasyon “as early as December 11” at nagpalabas ng notices sa BDO at Unionbank para magbigay ng impormasyon, dokumento, ebidensiya o saksi.

“(The) NPC has been in constant coordination with both banks in relation to the ‘sua sponte’ investigation of the security incident,” ayon kay Naga.

Tinitingnan ng komisyon, ani Naga ang “10-year-old system” ng BDO at kung nasa ayos ang “technical, organizational, and physical safeguards”.

“Apart from requiring additional evidence and information, the NPC has ordered BDO and Unionbank to appear for a clarificatory conference, on Jan. 4, 2022, to verify and clarify the evidence submitted by the banks in relation to the investigation,” ayon kay Naga.

Aniya, nakikipagtulungan na ang NPC sa ibang government agencies sa imbestigasyon ng security incident.

“The NPC assures the public that all steps necessary to safeguard the rights of data subjects shall be taken and that the commission shall exercise the full extent of its powers under the law against any party found to be in violation of the DPA (Data Privacy Act),” ang pahayag ni Naga.

Nauna rito, sinabi naman ng Bangko Sentral ng Pilipinas (BSP) na ang suspected hackers ng compromised BDO accounts ay nakilala na, mayroong dalawa hanggang apat na pinaghihinalaan ang nasa likod ni ‘Mark Nagoyo’ at anin naman ang persons of interest.

Sinabi naman ng BDO na pino-proseso na nila ang reimbursement sa kanilang 700 kliyente na apektado ng mapanlinlang na transaksyon.