The Cybercrime Investigation and Coordinating Center (CICC) on Friday announced that it has already launched its probe over the alleged data breach of mobile payments platform GCash.
CICC executive director Alexander Ramos stressed the seriousness with which they are taking the reports.
“We are already working with GCash to get more information on the incident,” Ramos said.
GCash previously announced it was investigating the matter but found no initial signs of a data breach.
“Based on our initial findings, there are no indications of a data breach in our systems,” said the company as it assured users that their funds and accounts remain secure.
The investigation stemmed from a claim made on Thursday by Deep Web Konek, a local online cybersecurity group which alleged that a data breach occurred between late March and early April 2024, targeting the Philippine Statistics Authority (PSA) and potentially carried out by a cybercriminal known as KryptonZombie.
While the PSA initially denied the claim, Deep Web Konek maintained the breach affected GCash’s KYC — know-your-customer — system.
The alleged stolen data — estimated at 100 gigabytes — reportedly included user information like mobile numbers, IDs used for KYC verification, GSave account numbers, signatures and selfie IDs.