GCash has officially released a statement on an alleged data that was first made known by Deep Web Konek on October 26. The report says that a dark web user under the name “Oversleep8351” is selling GCash record from 2019 up to October 2025. GCash’s statement says that this report is unfounded as their analysts say that there’s no compromise in their systems.
The dark web post claims that it has data that includes merchant and basic GCash user accounts, GCash and G-Xchange account numbers, linked accounts, and important customer records like names, addresses, and employment details. The user claims that the bundle comes with an estimate 7 to 8 million user data as well as Philippine identification documents used for account verification.
GCash has released a statement that says that their initial findings show that the alleged data set does not match those in their systems.
“Initial findings show that the alleged dataset does not match the data structure used within GCash systems. Further analysis reveals that it includes individuals who are not Cash users, and that many entries appear incomplete, inconsistent, or invalid. These findings strongly indicate that the material being circulated did not originate from GCash.”
The company has said that it is working with the Bangko Central ng Pilipinas (BSP), the National Privacy Commission (NPC), and the Cybercrime Investigation and Coordinating Center (CICC) to ensure system protection.
NPC has already issued a Notice to Explain to G-Xchange, but has not yet received an official data breach notification from the company.
