Header Ads

GCash explains "product issue" behind unauthorized transactions

OPPO
Infinix
Following the unauthorized transaction incident on GCash, now the Fintech firm explained what happened.
GCash explains "product issue" behind unauthorized transactions
File photo: GCash mobile app

No phishing, data breach, or account takeover happened

Previously, GCash said there's an ongoing "system reconciliation process" and that the incident was isolated to a few users followed by assuring customers that their accounts are safe.

Now, GCash explained there was a "product issue error" that forced it to go through a system reconciliation process.

Gilda Maquilan, VP for Corporate Communications and Public Affairs at GCash, stated that the problem began last Friday, November 8 at 11 PM, when they spotted a sudden rise in the usage of their "Send Ang Pao product".

The aforementioned product enables users to transfer money to multiple users as a form of providing gifts for occasions such as Christmas.

Pag nagsend ka po ng Ang Pao na pang-regalo ito po ay papasok sa tinatawag na temporary wallet. Pagka ito ay na-receive lang po o nagpasalamat yung recipient, yung nakatanggap ng aguinaldo, saka lang po ito malalapit sa wallet niya, she explained.

So nakita po namin 'yan na hindi pa naman Pasko, hindi naman Chinese New Year, eh bakit tumataas ang ating transaction po dyan? she asked.

Upon noticing such a spike, GCash started an investigation. 

Nakita namin yung wallet ay bloated. Ibig sabihin noon, unusual ito. Yung rate ng pasok ng pera ay hindi tugma sa paglabas. Walang nagrereceive po nung, walang tumatanggap ng aguinaldo, she said.

Gilda continued that it was on the earliest morning of November 9 that they started receiving reports from affected customers saying that there were Send Ang Pao transactions on their accounts yet these customers did not send any money.

Gcash connected the dots, immediately shut off the product feature, and continued its investigations.

And doon sa aming paunang imbestiga, ruled out po ang phishing, ruled po ang data breach, at we ruled out account takeover. Ito po ay isang product issue," Gilda added. 

Furthermore, Gilda Maquilan stated that GCash returned the money within 24 hours to the customers who were hit by the incident.

Ibinalik po natin yung pera, so from detection, investigation resolution, swift po ang action natin dyan, Maquilan noted.

GCash reported it to the Bangko Sentral ng Pilipinas (BSP) after this incident last Saturday. They also gave voluntary updates to DICT and the Cybercrime Investigation and Coordinating Center (CICC).

Currently, there is still an ongoing investigation and BSP officials are in the office to aid in this matter.

GCash again reassures its customers that they are taking measures to avoid such incidents in the future. The firm will also continue to collaborate with BSP, DICT, and CICC to help GCash customers navigate in the Digital era.

What do you guys think?

Via: ABS-CBN

No comments

Powered by Blogger.
close
gizguide