GCash says user accounts safe after alleged KYC data breach

Mobile wallet GCash on Thursday said it has launched a probe on the alleged breach of its know-your-customer (KYC) data and found no indications it was compromised.

GCash in a statement said it is “aware of a story posted online about an alleged breach of KYC data.”

In a Facebook post, cybersecurity enthusiasts group Deep Web Konek alleged there was a data breach linked to a threat actor, KryptonZombie, that targeted GCash’s KYC system, exposing mobile numbers, KYC IDs, signatures, selfies, and account details of thousands of users.

“Upon learning about this matter, we promptly launched an investigation and are now closely working with our regulators and authorities,” GCash said.

“Based on our initial findings, there are no indications of a data breach in our systems and this has no impact on customer funds and their accounts remain safe and secure,” the mobile wallet said.

GCash said it is one with regulators in addressing the growing incidents of data leaks that have made headlines in the past weeks.

“We remind our customers to protect their personal information and regularly update their passwords and MPIN,” it said. —RF, GMA Integrated News