GCash on Monday (Oct. 27, 2025) denied reports of an alleged data leak.
“GCash is aware of an online post alleging that user information is being sold on the dark web. The security and privacy of our users remain our highest priority. We take these allegations seriously and immediately launched an investigation with our cybersecurity experts and relevant authorities to verify the authenticity of these claims,” it said in a statement.
According to GCash, initial findings showed that the alleged dataset does not match the data structure used within GCash systems.
“Further analysis reveals that it includes individuals who are not GCash users, and that many entries appear incomplete, inconsistent, or invalid. These findings strongly indicate that the material being circulated did not originate from GCash,” GCash said.
“At this time, there is no evidence of any breach in GCash systems. All customer accounts and funds remain secure,” it added.
GCash assured that it is working closely with the Bangko Sentral ng Pilipinas, the National Privacy Commission (NPC), and the Cybercrime Investigation and Coordinating Center to validate information from all possible sources and ensure that its systems remain protected.
It also urged users to remain vigilant and to report any suspicious activity only through official GCash channels.
For its part, the NPC said it immediately launched an investigation after a dark web post appeared claiming to sell user information.
The NPC said the post, made by a threat actor using the alias “Oversleep8351,” allegedly offers merchant and basic user data, GCash account numbers, linked bank and virtual card accounts, and KYC (Know Your Customer) records containing names, addresses, employment details, and valid Philippine identification cards.
The NPC’s Complaints and Investigation Division issued a Notice to Explain (NTE) to G-Xchange, Inc., the operator of Gcash, to obtain further details about the alleged incident.
An online clarificatory conference has also been scheduled to facilitate a more detailed discussion of the matter.
The NPC urged GCash users to actively monitor their accounts, enable additional security features to protect their information, and remain alert to phishing attempts and refrain from sharing personal or sensitive data while the investigation is ongoing.