The government said on Tuesday, November 12, that it is looking into potential cybersecurity breaches after reports of unauthorized fund transfers from GCash wallets over the weekend.
Department of Information and Communications Technology (DICT) Undersecretary Jeffrey Dy said they are trying to simulate a possible attack using authentication methods that will bypass one-time passwords to identify potential breach.
Dy said the National Privacy Commission is also coordinating with the concerned e-wallet on the investigation.
“If this is a cybersecurity attack, then we should be informed so we can inform other e-wallets also…So this does not spread and then defend ourselves collectively,” Dy said.
GCash earlier admitted an error in its system reconciliation, which has affected the account balances of some users.
“In the banks, this usually happens nga when they reconcile reports. Ang bangko kasi may delay kaya iyong reconciliation na iyon naiintindihan ko agad in its face. Ang hindi ko maintindihan kasi, because e-wallets are real time. So where does this come in? And we are still waiting for that report,” said Dy.
Dy said he also wants to know if there was human error in the reconciliation process.
The Bangko Sentral Ng Pilipinas earlier vowed to investigate the incident and review GCash’s compliance with its regulations and policies.
Opposition lawmakers have also filed a resolution seeking to probe the incident “in aid of legislation.”
The DICT said while it respects the oversight functions of Congress to probe the matter, he urged e-wallet users to still trust online transactions.
“That’s the only way to move forward…Maybe you should put your money in a different wallet and one here. Put your money in different positions,” said Dy.
