The UCPB Money Heist: Everything You Need to Know (Don't Worry, Your Money Is Safe)
United Coconut Planters Bank (UCPB) has become embroiled in a money heist worth a Netflix movie, with around P167 million now missing from the bank. The cyber scam comes just weeks after the Philippines was linked to another international financial scam, the Wirecard scandal.
Here’s everything you need to know about the UCPB cyber heist.
What is Going On?
According to various news sources, and confirmed by UCPB and government regulators, an “incident” took place within UCPB wherein a large amount of money was reportedly stolen from its systems.
A news website, Bilyonaryo, was the first to raise the alarm on the issue, quoting inside sources who said that the hackers allegedly stole P167 billion right under UCPB’s nose.
Citing bank officials who wished to stay anonymous, Inquirer.net reported the hackers allegedly created 13 bank accounts with UCPB in May, just one month before they carried out the heist during a long weekend in June.
The state-owned bank had been going through a security system upgrade, and it was during this transition that the hackers managed to infiltrate the UCPB computers with an email attachment that hid a computer virus that granted the thieves access to the thieves.
They were able to monitor how the bank processed, sent, and received cash, and also managed to reportedly manipulate UCPB’s system to lift the ATM withdrawal limit from P20,000 a day to a whopping P9,999,999.
Via ATM withdrawals and online transfers, the syndicate managed to steal P167 million from the bank.
The National Bureau of Investigation has reportedly identified some members of the syndicate as Nigerians, who they believe are working with Filipinos.
What Does UCPB Have to Say?
UCPB has released a statement on the matter, claiming it was investigating what they call an “incident,” but gave no further details.
“UCPB is investigating the incident in close coordination with the NBI and other concerned authorities. Pending completion of the investigation which started mid-June, the Bank continues to review and strengthen its IT and security controls," said the statement.
The P167 million “incident” is also being investigated by the Bangko Sentral ng Pilipinas (BSP).
What Does BSP Have to Say?
In another statement, the central bank said it is “well-aware” of the incident, and that UCPB is “undertaking the necessary remedial measures to heighten cybersecurity” and coordinating with NBI for the “investigation and eventual prosecution of the suspected criminals.”
“Rest assured, in pursuit of our cybersecurity agenda, we continue to collaborate and engage the BSP Supervised Financial Institutions (BSFIs) to ensure the safety and integrity of the financial system as well as the protection of the financial consumers,” said the central bank.
Is Your Money Safe?
The short answer is yes. UCPB and BSP have reassured the public and UCPB members that their money is safe.
"Initial investigation results also indicate no financial losses or damages were incurred by UCPB account holders in this particular incident," said Benjamin Diokno, governor of the central bank.
"The Bank would like to assure its stakeholders that clients' funds were not affected by the incident. UCPB remains to be a strong and profitable institution, registering a net income of P2.9Bn for the first half of 2020,” said UCPB.
So for now, UCPB members can breathe. Your money is safe and not in the hands of thieves. But the same can’t be said for the bank’s missing millions.