Hackers hit UCPB with P167M Cyber heist


The state-owned United Coconut Planters Bank (UCPB) allegedly lost P167 million to hackers who were able to access the bank’s core system in the midst of an online security upgrade, according to reports. The hackers exploited the Philippines’ Independence Day weekend last June to steal millions of pesos from the bank through a combination of massive automated teller machine (ATM) withdrawals and online transfers over the three-day holiday.

The Bangko Sentral ng Pilipinas said Thursday it was investigating a cyber heist at the government-controlled UCPB. “The BSP is well-aware of the reported UCPB incident and has been in close coordination with the bank since the early part of its investigation,” the BSP said in a statement.

“We remain steadfast in fully resolving the matter as we work closely with the bank and relevant law enforcement agency,” it added.

The National Bureau of Investigation (NBI) identified several suspects during the initial investigation, the hackers appeared to be a syndicate of Nigerians and Filipino cohorts that bypassed built-in computer safeguards of the bank to make 57 withdrawals during this period from a single ATM and emptied the machine’s entire stock of P4 million in cash.

Authorities are also looking into the probability of a bigger syndicate operating in the local banking system because some of the funds stolen from UCPB were transferred via Instapay online money transfer facility to accounts in other local banks, from where they were immediately withdrawn.

The hackers installed malware that allowed them to manipulate UCPB’s system and lift ATM withdrawal limits from P20,000 a day to P9,999,999 — far in excess of the P4 million that a single cash machine can hold.

Bank officials and government regulators confirmed that the total loss to UCPB amoun­ted to P167 million.

February of this year when UCPB decided to upgrade its two-decade-old information technology system from another service provider to one offered by Microsoft. In the process, a vulnerability was left open and that’s what these hackers exploited according to reports.

Read More related articles from : Inquirer; ABS-CBN; Bilyonaryo

-StockBytes PH, September 3, 2020.

*The owner of StockBytes PH is a licensed stockbroker, contact us if you want to open a broker-assisted or online account. Contact us/Services.

Ready to start your financial journey? email us at [email protected] or follow us on Facebook and Twitter.