Press Statement on the Alleged GCash Unauthorized Transactions

The National Privacy Commission (NPC) received an email from GCash on 11 November 2024 at 12:35 in the afternoon, claiming that there was no data leakage or personal data breach involved associated with the recent incident involving alleged unauthorized transactions leading to lost funds of GCash user accounts.

Although GCash has stated that there was no compromise of customer credentials or data in the incident, the NPC will still conduct an independent investigation in line with its mandate to administer and implement the Data Privacy Act of 2012 (DPA). This investigation will verify the absence of a personal data breach, ensuring transparency and accountability in the protection of GCash users' personal information.

The NPC emphasizes that its authority is focused on the protection of personal data, as defined under the DPA. For concerns related to the monetary aspect of these transactions, users are advised to direct their queries to the appropriate financial regulatory agency.

We urge individuals who may have been affected by this incident to reach out to the NPC through [email protected] and provide relevant information to assist with our investigation.

###