NPC summoning BDO, Unionbank over “Mark Nagoyo” hacking incident

On Wednesday, December 22, the National Privacy Commission (NPC) said that it’s summoning both BDO and UnionBank to a meeting on Jan. 4 next year in regards to the “Mark Nagoyo” hacking incident which affected hundreds of depositors of the former.

Last week, a number of BDO depositors turned to social media to report unauthorized withdrawals from their accounts and transfers to the UnionBank accounts of a certain “Mark Nagoyo.” This prompted BDO to make a Facebook post urging its customers to change their passwords.

“Change your password to protect your account. Bonus season means scammers and hackers are more active than ever,” the post read.

In a statement, the NPC stated that it’s summoning BDO and UnionBank as part of its investigation into the probable breach of personal data and data processing as a result of the event. In addition, the privacy watchdog is also looking into “the relevance of BDO’s 10-year-old system to the claimed security incident,” according to Privacy Commissioner John Henry Naga. (Read: Hackers hit Diebold ATMs with company’s own software)

The agency will be looking into whether “sufficient technical, organizational, and physical safeguards were in place to prevent unauthorized disclosure of personal information that may have been contained in the system.”

According to the NPC, it has already launched a sua ponte or voluntary investigation into the incident and is coordinating with other government agencies on the issue. (Related: Senate okays bill requiring real-names for SIM card registration)

For its part, BDO has said that it will reimburse about 700 depositors for funds lost owing to a “sophisticated fraud strategy.” However, more than 30 BDO depositors who claim to have been harmed but were denied refunds allege the bank owes them money.

If you like reading our content, why not show your appreciation by treating us to a cup of coffee? (or two, if you’re feeling generous)