The National Privacy Commission (NPC) warned the public to "actively monitor" their GCash account as it launched an investigation into an alleged data breach involving the mobile wallet application operator, G-Xchange Inc.

In a statement on Monday, the commission urges the public to exercise heightened vigilance following reports of data leak which surfaced online on October 26.

"The NPC has immediately launched an investigation after a dark web post appeared claiming to sell user information. The post, made by a threat actor using the alias “Oversleep8351,” allegedly offers merchant and basic user data, GCash account numbers, linked bank and virtual card accounts, and KYC (Know Your Customer) records containing names, addresses, employment details, and valid Philippine IDs," it stated.

"Following this, the NPC’s Complaints and Investigation Division has issued a Notice to Explain (NTE) to G-Xchange, Inc. to obtain further details about the alleged incident. An online clarificatory conference has also been scheduled to facilitate a more detailed discussion of the matter. As of 10:30 a.m. on 27 October 2025, the NPC has not received any official data breach notification from the company," the commission added.

Should the investigation confirm that the personal data of GCash users have been compromised, the commission said that it will take regulatory and enforcement action under the Data Privacy Act of 2012.

However, in an advisory issued on the same day, GCash said that there was "no evidence of data breach" and assured its customers that their "funds and information are safe and secure".

"GCash is aware of an online post alleging that user information is being sold on the dark web. There is no evidence of any breach in GCash systems. All customer accounts and funds remain secure.

''Upon swift investigation of our cybersecurity experts, the alleged dataset does not match data from GCash systems. Additionally, many entries are incomplete, invalid, or do not belong to GCash users. These findings strongly indicate that the data being circulated did not originate from GCash," it stated.

We continue to work closely with the BSP, NPC, and CICC to monitor and validate information from all possible sources and ensure that our systems remain protected. GCash remains fully committed to safeguarding customer data, strengthening our defenses, and upholding the trust of millions of Filipinos," the advisory added. Robina Asido/DMS