GCash says no data breach; Privacy watchdog launches probe, urges vigilance

GCash said it has found no evidence of a data breach based on its initial forensic analysis.

 GCash said it has found no evidence of a data breach based on its initial forensic analysis.




The fintech giant issued the statement following a post on a dark web forum that a threat actor has been selling GCash records which include eKYC (Know Your Customer) information, linked bank accounts, and GCash numbers. 


The data allegedly comprised records from 2019 up to October this year, and included both merchant and basic users with personal details such as names, addresses, employment, and even valid Philippine IDs.


But in a statement issued on Monday, GCash said that based on its initial probe, "the alleged dataset does not match the data structure used within GCash systems. Further analysis reveals that it includes individuals who are not GCash users, and that many entries appear incomplete, inconsistent, or invalid."


The Ayala-led fintech said this indicates that the material being circulated did not originate from GCash.


"At this time, there is no evidence of any breach in GCash systems. All customer accounts and funds remain secure," the company said.


GCash said it is working closely with the Bangko Sentral ng Pilipinas (BSP), the National Privacy Commission (NPC), and the Cybercrime Investigation and Coordinating Center (CICC) to validate information from all possible sources and ensure that our systems remain protected.


The NPC also urged GCash users to be vigilant following the alleged breach. The privacy watchdog said it has launched an investigation and issued a Notice to Explain (NTE) to G-Xchange, Inc. to obtain further details about the alleged incident.


"Should the investigation confirm that the personal data of GCash users have been compromised, the NPC will take regulatory and enforcement action within its mandate under the Data Privacy Act of 2012," the NPC said.


The agecy urged GCash users to actively monitor their accounts, regularly update their MPINs and passwords, and enable additional security features to protect their information.


"The NPC will issue verified updates as soon as more information becomes available. In the meantime, the public is advised to exercise caution and refrain from engaging with or sharing unverified claims circulating online," the NPC said.


source 



COMMENTS

Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content