NPC confirms GCash incident caused by phishing attacks

By Raymond Carl Dela Cruz

May 24, 2023, 6:38 pm

MANILA – The National Privacy Commission (NPC) on Wednesday concluded that the unauthorized transactions involving several GCash accounts were caused by phishing attacks and not security vulnerabilities with the mobile wallet provider.

In a statement, Privacy Commissioner John Henry Naga said “unknown threat actors” took advantage of GCash users through online gambling websites such as “Philwin” and “”

“Upon our thorough investigation, we have determined that the unauthorized transactions in GCash accounts were a result of a meticulous phishing scheme,” Naga said.

The investigation was initiated by the NPC’s Complaints and Investigation Division (CID) on May 9 to find out whether there were compromised personal data and other potential data privacy-related violations.

The NPC held a clarificatory meeting with G-Xchange, Inc. (GXI) where the former raised its concerns, and the latter provided additional information and proof for the conduct of an independent assessment.

GXI submitted its compliance with the orders issued by the NPC last Friday (May 19).

“We have ordered GXI to intensify its education and awareness campaign to its clients to prevent similar incidents in the future,” Naga said.

He assured that the NPC is committed to promoting a safe and secure digital environment and urged the public to remain vigilant against phishing attacks that would compromise personal information.

“We will employ the full extent of our powers under the law to penalize those who violate the Data Privacy Act of 2012,” he said.

On May 9, GCash announced a temporary “downtime” of their service after several users experienced unauthorized deductions in their accounts.

Government agencies, including the NPC and the Bangko Sentral ng Pilipinas, have since initiated their own investigation into the incidents. (PNA)