Amid reports that user data have been found on the dark web.
In a statement issued on Monday, October 27, leading payments platform GCash addressed the ongoing issue surrounding the alleged data breach, with reported stolen information circulating online since Sunday (October 26).
According to the company, there is “no evidence of data breach,” assuring funds and information of its users are safe and secure.
“GCash is aware of an online post alleging that user information is being sold on the dark web. There is no evidence of any breach in GCash systems. All customer accounts and funds remain secure,” it furthered.
The company also noted that upon the swift investigation of its cybersecurity experts, the alleged dataset does not match data from GCash systems.
“Additionally, many entries are incomplete, invalid, or do not belong to GCash users,” also adding that these findings strongly indicate that the data being circulated did not originate from GCash.
“We continue to work closely with the BSP, NPC, and CICC to monitor and validate information from all possible sources and ensure that our systems remain protected,” it said.
Lastly, “GCash remains fully committed to safeguarding customer data, strengthening our defenses, and upholding the trust of millions of Filipinos. Thank you!”
NPC’S STATEMENT
Prior to GCash’s statement, the National Privacy Commission (NPC) has issued its own earlier in the day.
The agency urged the public to exercise heightened vigilance following reports of data leak allegedly involving G-Xchange, Inc., operator of GCash, which surfaced online on 26 October 2025.
“The NPC has immediately launched an investigation after a dark web post appeared claiming to sell user information. The post, made by a threat actor using the alias “Oversleep8351,” allegedly offers merchant and basic user data, GCash account numbers, linked bank and virtual card accounts, and KYC (Know Your Customer) records containing names, addresses, employment details, and valid Philippine IDs,” the commission detailed.
Following this, the NPC said that its Complaints and Investigation Division also issued a Notice to Explain (NTE) to G-Xchange, Inc. to obtain further details about the alleged incident.
“Should the investigation confirm that the personal data of GCash users have been compromised, the NPC will take regulatory and enforcement action within its mandate under the Data Privacy Act of 2012,” said the commission.
Meanwhile, GCash users were also instructed to actively monitor their accounts, regularly update their MPINs and passwords, and enable additional security features to protect their information.
“They must also remain alert to phishing attempts and refrain from sharing personal or sensitive data while the investigation is ongoing,” it added.
Lastly, the NPC said that it will issue verified updates as soon as more information becomes available. Although at present, the agency has yet to issue another one in light of the statement made by GCash.