Metro Manila (CNN Philippines, May 13) — GCash users on Saturday expressed their frustration anew as the mobile wallet experienced another temporary downtime in its services.
Users of e-wallet Gcash have reported issues in accessing the mobile platform on Saturday morning.
Is Gcash down on your end, too? pic.twitter.com/9EFk9ncPf6
— CNN Philippines (@cnnphilippines) May 13, 2023
GCash apologized for the inconvenience but assured users, who have been tagging the e-wallet giant on Twitter and commenting on Facebook posts, that funds were safe during the system outage.
The downtime, which lasted at least nine hours, happened amid an ongoing investigation of the National Privacy Commission (NPC) into a potential personal data breach during a GCash “glitch” early this week.
On May 9, reports of suspicious transactions involving GCash users were circulating online. They said they did not receive any notification nor OTP but unauthorized bank transfers still went through.
A “preventive maintenance” was conducted to investigate the complaints. In the afternoon, GCash said it already adjusted the e-wallets of affected users and assured that funds were “intact, safe, and secure.”
In a statement on Saturday, the NPC said it conducted a clarificatory meeting with G-Xchange, Inc. (GXI) on Friday, wherein the company presented information about its own investigation and actions taken to address the issue.
The NPC said it will issue another order for GXI to “provide further information and documents to enable an independent assessment and verify the claims presented by GXI on the supposed phishing being the cause of the glitch.”
“The NPC is committed to safeguard the privacy of all individuals and will continue to provide guidance on how the public can better protect themselves from violations of their data privacy rights, even as these threat actors are also becoming more sophisticated in the pursuit of their criminal design,” Privacy commissioner and chairperson John Henry Naga said.
A House investigation has already been sought on the alleged unauthorized deductions from GCash accounts.
In a statement, GCash reiterated that “no hacking or glitch” happened in its platform, only a “deliberate phishing attempt” that occurred outside of the app.
“We have been in constant coordination with the authorities and regulatory bodies like the Bangko Sentral ng Pilipinas (BSP) and the NPC in providing the necessary information required of us,” the e-wallet said.
“We enjoin the NPC in reinforcing efforts to educate everyone on the importance of being vigilant in securing their personal information,” it added.
Justice Secretary Jesus Crispin “Boying” Remulla earlier said GCash may not be held liable for cybercrime violations if it has already “rectified” the glitch.
The e-wallet said its preventive measures comply with global cybersecurity standards and are in line with its commitment as a financial services provider regulated by the BSP.
The Cybercrime Investigation and Coordinating Center (CICC), an attached agency of the Department of Information and Communications Technology, also vowed to conduct an “objective probe” into the anomalous fund transfers.
“The CICC assures GCash and the public of the objectivity of its probe on whether there were lapses in GCash’s security system, and if warranted, make recommendations to GCash moving forward to ensure that public interest is safeguarded,” CICC Executive Director Alexander Ramos said.
