A dark, hooded figure is seen from the side, typing on a laptop, against a background of glowing blue digital data or code. A large, prominent "GCash" logo in shades of blue is in the upper left corner. The "UNBOX DIARIES" logo is at the top right. A yellow banner at the bottom reads "GCash Responds to Deep Web Leak Claims NPC Conducts Investigation". Social media icons and text are present at the very bottom.

GCash Responds to Deep Web Leak Claims, NPC Conducts Investigation

🖋️ Sly Juan 📅 October 27, 2025
🏷️ , , , , , ,

The National Privacy Commission (NPC) announced that it is now investigating reports of a possible data leak involving GCash operator G-Xchange Inc. This comes after a dark web post claimed to be selling user information from millions of GCash accounts.

What Happened

GCash Responds to Deep Web Leak Claims, NPC Conducts Investigation

A post on a dark web forum by a user called “Oversleep8351” allegedly offered a database containing around seven to eight million GCash user records. The data reportedly includes account numbers, linked bank accounts, valid Philippine IDs, employment details, and KYC (Know Your Customer) information.

The seller claimed that the data was taken from 2019 up to October 2025 and priced the bundle at around 25,000 US dollars, payable in cryptocurrency.

Following this, the NPC’s Complaints and Investigation Division issued a notice to G-Xchange Inc. to explain the matter and is now coordinating with authorities to verify if any personal data has been compromised.

GCash Responds

GCash Responds to Deep Web Leak Claims, NPC Conducts Investigation

GCash quickly released an official statement denying that its systems were breached. The company said that the sample data circulating online does not match its data structure and even includes names of people who are not GCash users.

According to GCash, all accounts and funds remain safe. The company also said it is working closely with the Bangko Sentral ng Pilipinas (BSP), the NPC, and the Cybercrime Investigation and Coordinating Center (CICC) to confirm the validity of the alleged leak and protect customer information.

If confirmed, this could be one of the largest data leaks involving a fintech company in the Philippines. The timing is also critical, as GCash continues to expand its services and prepare for a possible Initial Public Offering.

A leak of this scale could expose users to phishing scams, identity theft, and other forms of fraud. It also raises serious concerns about how digital wallet companies handle and protect sensitive customer data.

What Users Should Do:

  • Regularly update your MPIN and password.
  • Turn on additional security features such as biometric or two-factor authentication.
  • Avoid clicking suspicious links or sharing verification codes.
  • Monitor your account for any unusual transactions.
  • Stay updated only through official GCash and NPC announcements.

At the moment, GCash says there is no confirmed data breach, while the NPC continues its investigation. Whether the leaked data turns out to be real or fake, it serves as a strong reminder to always protect your digital accounts.

Do you still trust GCash after the alleged data breach reports?

Let us know!

Source 1, Source 2, Source 3