P37-M GCash hack foiled; funds returned to users

Globe Telecom’s popular digital payments app GCash foiled attempts by suspected hackers to steal millions of pesos from its users.

The company detected the hack late on the night of Monday, May 8, after noticing a pattern of relatively small withdrawals from multiple recipients that were being sent to only two recipient banks. The combined amount of the stolen funds was estimated to be around P37 million, with a few thousand pesos each taken from numerous GCash users.

As a result of the suspicious behavior, GCash suspended its services around midnight before eventually restoring it around 10 a.m. Tuesday. While the outage lasted less than half a day, it still affected millions of Filipinos who rely on GCash for online shopping and digital payments at restaurants and public transport.

An official tweet by the company at 4 p.m. the same day claimed that GCash had adjusted the wallets of those who were affected.

“Rest assured, your funds are intact, safe, and secure with GCash,” the message states. “Our proactive cybersecurity policies are in place to protect our customers as the safety and security of your account is our top priority.

In addition, the tweet also warns GCash users against emails, messages and calls claiming to be from the company, and to never share their MPINs and one-time passwords. It also asks users to report any suspicious activities to their help center.

The recent GCash hack isn’t the first time a local online e-wallet service has been hacked. In 2021, PayMaya suffered a data breach that saw users have their accounts used to try to make payments at adult-oriented online merchants. (Read: Thousands of PayPal accounts hacked, but users could’ve apparently prevented it)

Luckily, many of the transactions that the hackers attempted were lower than the minimum amount required by PayMaya.

This, plus the recent GCash hack raises questions about the security of local e-wallet and digital payment providers. The increased use of these due to their perceived convenience over paper money could leave more and more people vulnerable to hackers if the companies behind them don’t step up their security.


Asia United Bank has confirmed that it aiding in the ongoing investigation into the GCash hack. Meanwhile, EastWest Bank is conducting its own independent investigation. Accounts in both banks where the recipients of the funds being siphoned off from GCash users’ accounts in the hack.

If you like reading our content, why not show your appreciation by treating us to a cup of coffee? (or two, if you’re feeling generous)


Variable staff

Collective will of the legion

%d bloggers like this: