GCash clarifies no hacking or glitch occurred: Phishing happened outside of the app

In a statement, the country's leading mobile wallet GCash has shed more light on the recent "hacking" incident "involving" the app.

File photo: GCash app

GCash was not hacked, and no glitches occurred

GCash clarified and reiterated that there was no hacking or glitch that occurred in the GCash platform last May 8, 2023. Affected individuals were phished outside of the app.

So what happened?

According to GCash, some users may have unknowingly shared their information with suspicious sites masked as legitimate brands or institutions.

Upon detection, GCash managed to immediately activate security protocols and implemented its prevented security measures.

Manila Bulletin's Art Samaniego Jr. also recently shared on Facebook that some of those links will lead you to the phishing sites masked as the login page of the GCash app.

Due to its swift action, the company was able to mitigate the impact on its customers. GCash was able to correct their e-wallet balances immediately within 24 hours.

If you noticed, GCash also placed its app on extended preventive maintenance in order to ensure that they have exerted all means necessary to mitigate the impact of the incident.

These measures are in compliance with global cybersecurity standards and in line with its commitment as a financial services provider regulated by BSP.

The company also noted that they have been in constant coordination with the authorities and regulatory bodies like the Bangko Sentral ng Pilipinas (BSP) and National Privacy Commission (NPC) in providing the necessary information required on the incident.

We remain steadfast in ensuring the protection of our customers' funds and data as we continue to invest in the latest cybersecurity technologies and capabilities. In partnership with the Philippine National Police Anti-Cybercrime Group (PNP-ACG) and the Cybercrime Investigation and Coordinating Center (CICC) and the National Bureau of Investigation (NBI), we continue to intensify efforts in going after scammers and fraudsters.

What you should do to protect your GCash account?

Along with the NPC (National Privacy Commission), GCash advises its users to be vigilant in securing their personal information.

The company also stated that it should only transact through its official channels. GCash will also never send personal messages to address concerns or ask for your MPIN, OTP, or other personal information.

GCash: Keep these in mind to protect yourself from text scams, phishing links

The safety and security of all our customers remain our topmost priority. We will not stop working with the authorities as we endeavor to eliminate fraudsters as our common enemy.

What do you guys think?