About Us
Dark web ‘GCash Leak’ likely fake, forensic review finds no signs of breach
- Darkweb, Gcash
By TechWatchPH
A cybersecurity investigation found no evidence of intrusion into GCash systems following reports of a supposed dark-web post offering millions of GCash eKYC records for sale.
The post, which appeared on a forum frequented by cybercriminals, claimed to contain G-Xchange/GCash account identifiers and personal data, and was being sold for cryptocurrency.
However, initial forensic analysis indicates that the alleged dataset does not match GCash’s system structure or official records.
In a statement released by GCash Corporate Communications and Public Affairs, the company said its investigation confirms that its systems remain secure, adding that the data circulating “does not match official records or customer information.”
“Initial forensic analysis shows no compromise in GCash systems; data under circulation does not match official records or customer information,” the company said.
“Further analysis reveals that the alleged dataset includes individuals who are not GCash users and that many entries appear incomplete, inconsistent, or invalid. These findings strongly indicate that the material being circulated did not originate from GCash,” the statement continued.
The company emphasized that it had immediately launched an investigation with its cybersecurity experts and relevant authorities, including the Bangko Sentral ng Pilipinas (BSP), the National Privacy Commission (NPC), and the Cybercrime Investigation and Coordinating Center (CICC).
GCash reiterated that there is no evidence of any breach in its systems and that all customer accounts and funds remain secure.
Cybersecurity analysts warn that threat actors often use fake data breach claims to sow fear, manipulate users into phishing traps, or inflate their reputation on dark-web marketplaces. Criminals sometimes repackage old or publicly available information and sell it as “new” leaks to attract attention or extort companies.
GCash urged the public to remain cautious and report suspicious activity only through official GCash channels, including the GCash Help Center or hotline at 2882.
“GCash remains fully committed to safeguarding customer data, strengthening our defenses, and upholding the trust of millions of Filipinos,” the company said.