GCash assures Filipino users ‘no data breach’

FILE PHOTO: An electronic wallet user checks his balance on Wednesday, December 20, 2023, a few days before Christmas day. —GRIG C. MONTEGRANDE

Popular mobile wallet application GCash on Monday allayed fears that customer data had been sold on the dark web, assuring users that their funds and information remain safe and secure.

In a statement posted on its social media account, GCash said no evidence of such a data breach was found in its systems.

“Upon swift investigation of our cybersecurity experts, the alleged dataset does not match data from GCash systems. Additionally, many entries are incomplete, invalid, or do not belong to GCash users,” it said. “These findings strongly indicate that the data being circulated did not originate from GCash,” it added.

GCash added that they are continuously working closely with the Bangko Sentral ng Pilipinas, National Privacy Commission (NPC) and Cybercrime Investigation and Coordinating Center to verify information from all possible sources and ensure that the GCash systems are protected.

The NPC has launched its own investigation into the dark web post claiming the said breach on the GCash systems.

The post, made by a threat actor with the alias “Oversleep8351,” purportedly offers merchant and basic user data, account numbers, linked bank and virtual card accounts and Know Your Customer.