CICC disputes claims of GCash hack

The Cybercrime Investigation and Coordinating Center (CICC) has challenged claims of a fresh data breach involving GCash after initial findings showed no evidence of a compromise in the platform’s systems.

The agency confirmed Tuesday that it has opened an investigation into a reported leak involving G-Xchange, Inc., operator of GCash, but said data being circulated online “appears to be recycled information—older or previously available data reused or reshared to appear as newly compromised material.”

According to CICC’s Cybercrime Investigation Office (CIO), “the datasets in question do not originate from GCash’s systems,” indicating “there has been no recent compromise of GCash’s infrastructure.”

GCash, on the other hand, has agreed to cooperate with authorities. 

The company “has expressed openness to system checks by the CICC and the Department of Information and Communications Technology (DICT) to ensure that no potential points of compromise exist,” the agency said.

Investigators are now tracking the source of the reported leak. The CICC said it is pursuing leads on the “possible individual or group behind the reported exposure” and checking whether the case is linked to prior cyber incidents.

The agency said all findings “will be coordinated with the appropriate authorities as part of due process and in accordance with existing cybercrime investigation protocols.”