data privacy

GCash security breach traced to phishing via online gambling sites – NPC

Gelo Gonzales

This is AI generated summarization, which may have errors. For context, always refer to the full article.

GCash security breach traced to phishing via online gambling sites – NPC
The NPC says the phishing attacks were conducted through gambling sites such as 'Philwin' and 'tapwin1.com'

MANILA, Philippines – The Philippines’ National Privacy Commission, on Wednesday, May 24, said the unauthorized GCash transactions that took place on the week of May 9, were enabled by phishing attacks through online gambling sites such as “Philwin” and “tapwin1.com”.

The NPC’s investigation was not able to name the perpetrators of what it called a “meticulous phishing scheme.”

The investigation began on May 9, to see if there had been a possible compromise of personal data and other potential violations of the Data Privacy Act of 2012. The commission met with GCash parent firm, G-Xchange Inc, to gather data from the company’s internal investigation, along with the measures taken to address the situation, before the NPC proceeded with its independent assessment.

“We have ordered GXI to intensify its education and awareness campaign to its clients to prevent similar incidents in the future,” privacy commissioner John Henry Naga said.

“We assure the public that the National Privacy Commission remains resolute in its mandate to safeguard the rights of data subjects and protect personal information. We will employ the full extent of our powers under the law to penalize those who violate the Data Privacy Act of 2012.” – Rappler.com

Add a comment

Sort by

There are no comments yet. Add your comment to start the conversation.

Summarize this article with AI
Download the Rappler App!
Clothing, Apparel, Person

author

Gelo Gonzales

Gelo Gonzales is Rappler’s technology editor. He covers consumer electronics, social media, emerging tech, and video games.