Rainier Allan Ronda, Elijah Felice Rosales – The Philippine Star

October 28, 2025 | 12:00am

MANILA, Philippines — GCash yesterday assured users of the e-wallet that their accounts and funds are secure in the app following an advisory from the National Privacy Commission (NPC) to exercise heightened vigilance after an alleged data leak.

The NPC said it has immediately launched an investigation, after a dark web post appeared Sunday claiming to sell user information.

Based on preliminary results, however, GCash said the datasets being sold online are different from what is being used in the app, denying claims that the hacker has stolen personal information.

“Further analysis reveals that it includes individuals who are not GCash users, and that many of the entries appear incomplete, inconsistent and invalid. These findings strongly indicate that the material being circulated did not originate from GCash,” the company operated by G-Xchange Inc. said.

GCash said there is no evidence of any breach into its critical systems, and is presently talking to the Bangko Sentral ng Pilipinas, NPC and the Cybercrime Investigation and Coordinating Center to validate further information on the alleged data breach.

The post, made by a hacker using the alias Oversleep8351, allegedly offered merchant and basic user data, GCash account numbers, linked bank and virtual card accounts and KYC or Know Your Customer records containing names, addresses, employment details and valid Philippine IDs.

The NPC said users of the e-wallet should monitor their accounts and update their passwords to protect their identity.

However, the NPC said it has yet to receive any breach notification from GCash as of yesterday morning, but the agency has scheduled an online conference with the e-wallet.

The NPC said it would make available verified updates on the case as soon as it can, warning the public to refrain from sharing sensitive data while investigation is ongoing.

Oversleep8351

Deep Web Konek, which exposes data leaks in the Philippines, yesterday flagged a supposed sale of personal information from GCash on the dark web by Oversleep8351.

The post claimed that it has records of up to eight million GCash users from 2019 and 2025, such as personal information, bank accounts and e-wallet numbers.

Additionally, Oversleep8351 said the datasets include basic and merchant users, with details as sensitive as valid IDs used to verify the GCash account.

Deep Web Konek said if the data leak is true, it would be one of the largest by a Philippine financial technology company to date.