PCSO GM dismisses alleged data breach on lotto winners

Philippine Charity Sweepstakes Office (PCSO) General Manager Mel Robles on Friday denied the reports of an alleged data breach on the personal details of lotto winners. 

“This is fake news. There was no breach nor any successful attempt to hack the systems of PCSO. We have not reported anything to DICT because nothing had happened,” Robles said in a statement. 

“While there were numerous attempts (in the past) to hack our system coming from all over the world, our digital defenses are holding out and remain impregnable,” he added.

The PCSO head made the statement after it was earlier reported that the Department of Information and Communications Technology (DICT) said it was looking into the alleged hacking of the data of lotto winners’ profiles from 2016 to 2025. 

“We are aware of that for two days now. We are investigating and coordinating with the Philippine Charity Sweepstakes Office,” DICT Undersecretary Jeffrey Ian Dy told GMA News Online earlier. 

In an interview with Super Radyo dzBB, Dy said that there were no indicators of compromise yet to say that PCSO was hacked. 

A Facebook page called Philippine Exodus Security claimed that hackers had compromised the personal information of the lotto winners including their names, addresses, phone numbers, IDs, and winning numbers. 

Based on the screenshots attached to the Facebook post, Robles said that the hackers were most probably able to get hold of the email accounts of the PCSO employees from the Cagayan branch. 

He noted that it was the list of individuals who availed of the promo of the said branch in March 2022 and not the names of winners. 

“Our database for the lotto jackpot winners is safe in the head office. The branch offices are not connected to the head office,” said Robles. –NB, GMA Integrated News