Jade Domantay
G-Xchange, Inc. (GXI)'s official statement denying data breach claims. Photo courtesy: GCash (Facebook)
Mobile wallet GCash has refuted allegations that millions of user accounts were compromised after reports surfaced online claiming that the data of users was being sold on the dark web, on Monday, October 27.
In a statement released, GCash said that there is no evidence of any data breach in its systems, assuring the public that all customer accounts and funds remain safe and secure.
“Upon swift investigation of our cybersecurity experts, the alleged dataset does not match data from GCash systems,” the app stated. “These findings strongly indicate that the data being circulated did not originate from GCash.”
The clarification came after a dark web post allegedly made by a user named “Oversleep8351” claimed to be selling data from the year 2019 to October 2025, including eKYC (Know Your Customer) information, linked bank accounts, and valid IDs priced at $25,000 per bundle.
The National Privacy Commission (NPC) launched an investigation into the alleged incident, issuing a Notice to Explain (NTE) to G-Xchange Inc., an operator of the e-wallet, explaining details surrounding the alleged data sale that surfaced on October 26.
“As of 10:30 a.m. on 27 October 2025, the NPC has not received any official data breach notification from the company,” NPC confirmed.
The NPC urged GCash users to remain vigilant by regularly updating their MPINs and passwords, enabling additional security features, and avoiding phishing scams while the probe is ongoing.
As of late 2024 and early 2025, GCash has reported having over 94 million users in the Philippines, solidifying its position as the country's leading financial super app.
