No stone unturned over UCPB’s cybertheft—Dominguez

Published September 4, 2020, 4:15 PM

by Chino S. Leyco

The Department of Finance (DOF) assured that law enforcers and the Bangko Sentral ng Pilipinas (BSP) will leave no stone unturned in their investigation over the cybertheft from the state-owned United Coconut Planters Bank (UCPB).

Finance Secretary Carlos G. Dominguez III said yesterday that they will use the fullest extent of the law in prosecuting those involved in the P167-million cyber heist from UCPB.

“No stone will be left unturned as we investigate this incident and as we strengthen all components of our security systems. We will also see to it that the perpetrators are caught, tried, and punished to the fullest extent of the law,” Dominguez told reporters.

According to the finance chief, UCPB is now investigating the incident in close coordination with the National Bureau of Investigation and other concerned authorities.

“The investigation started in mid-June. UCPB is reviewing and strengthening its IT and security controls. I have instructed our Government Financial Institutions (GFIs) to keep their security systems up-to-date and sophisticated,” he said.

Dominguez, however, assured that UCPB’s clients’ funds were not affected by the incident.

“UCPB is a resilient and well-managed institution, registering a net income of P2.9 billion for the first half of 2020,” Dominguez pointed out.

“We also assure the public that government financial institutions are consistently fortifying their cybersecurity systems. Client funds are safe and intact, and we are taking the necessary steps to protect our stakeholders,” he added.

Dominguez also added that government banks, like Land Bank of the Philippines and Development Bank of the Philippines, are strictly complying with the BSP Circulars on Information Risks and Security.

“GFIs are consistently updating the security of their databases, servers, devices, and software to respond to new threats and vulnerabilities,” Dominguez said. “GFIs are also taking proactive measures to verify vendors and business partners, and limiting 3rd-party access to critical programs. GFIs also have the mechanisms in place to monitor, detect, isolate, and eliminate incursions into their cyber systems,” he added.