Update 3 | BOV cyber attack: €13 million transferred out with false transactions

The bank said customer accounts and their funds were not impacted • Prime Minister addresses Parliament • People and retailers in the dark as to when the situation will return back to normal

Updated at 7:45pm

Prime Minister Joseph Muscat has told Parliament that the cyber attack carried out on Bank of Valletta saw €13 million transferred out of the bank through false international transactions.

He said the bank realised that something was wrong at the start of business when reconciliation of international transactions threw up discrepancies. Within less than 30 minutes BOV decided to shut down its systems after it received confirmation from the Malta Security Services that it had been the victim of a cyber attack, Muscat said.

The attack originated from overseas.

The transactions were made to bank accounts in four countries - the US, the UK, Czechia and Hong Kong. Muscat said that the bank immediately advised its correspondent banks to block the transactions and the process was started to reverse the payments.

"The reason for my statement is to put people's minds at rest that their money is safe in the bank," Muscat insisted, adding that BOV was an important cog for the Maltese economy. He insisted that his statement had nothing to do with the fact that government was a shareholder in the bank but because BOV was systematically important for the economy.

He said the bank had initiated its own internal investigations into the matter and would only start switching on its system when it was sure that the problem would not happen again.

"It is no joke having a bank that controls half the economy shut down for a whole business day but at this stage caution trumped every other consideration," Muscat said.

He said arrangements were being made with the Central Bank of Malta to ensure that some 20,000 social security payments due tomorrow will be able to be issued in those cases where the funds are transferred directly to BOV accounts.

Opposition leader Adrian Delia welcomed the cautious approach insisting that everything should be done to ensure that depositor and shareholder funds are protected.

So far, customers remain in the dark as to when the situation will return to normal.

A scheduled press conference by the bank this afternoon was cancelled as investigations into the serious attack continued.

GRTU CEO Abigail Mamo told MaltaToday the disruption to shops started at around 1pm when point of sale terminals belonging to BOV stopped functioning.

It took a while before retailers realised that the problem came from the bank and not customer cards, she said.

"We had supermarkets advising customers over the public address system that BOV cards could not be used," she said, adding retailers have not been told when the situation will return back to normal.

BOV announced earlier in the day that it shutdown all its operations after detecting an attempt by hackers to access it systems.

The bank said it had “suspended all its operations, including branches, following a malicious external attempt on its systems”.

This included point of sales systems in shops, the bank’s website as well as its internal email system, leaving customers unable to access their funds and the bank unable to communicate via email with third parties.

The Bank said it was working closely with local and international police authorities in this regard. "During routine reconciliations that the Bank carries out regularly it was noticed that there were discrepancies in eleven payments having a total value of around EUR 13 million emanating from the Bank’s foreign payment accounts.  The Bank took immediate steps to address this issue by requesting the international banks involved to stop these payments," the bank said in a statement.

“The Bank would like to assure its clients that customer accounts and their funds are in no way impacted or compromised,” it said, adding that the bank shutting down its operations was a contingency plan and a precautionary measure.

All the operations are safe, BOV reassured and the services will be restored in a phased manner. "Our people are working relentlessly to address this issue with the assistance of local and foreign experts in IT security."

The bank apologised for any inconvenience, adding that it would be keeping its customers and the general public informed of any developments.

In a separate statement, HSBC bank Malta said it had not been subject to any form of cyber-attack and continues to operate normally.

APS Bank said it had decided, as a precautionary measure, to suspend some of its services, including ATMs, cards-related transactions and payments from and to Bank of Valletta). It stressed, however, that the integrity of its customers' accounts was protected and that deposits were safe.