GCash unauthorized deduction: Internal glitch and not by hackers

MANILA, Philippines — The unauthorized deduction on balances of some GCash users in early November was triggered by an internal glitch and not by hackers.

This was according to Sen. Sherwin Gatchalian who was speaking on behalf of the Department of Information and Communications Technology (DICT) as budget sponsor of the agency.

The matter was tackled during the Senate’s marathon plenary debates early Wednesday on the proposed 2025 funds of the DICT and its attached agencies.

“How can DICT confirm if the unauthorized deductions were really caused by reconciliation errors and not—as others were suspecting—by hackers or malicious actors,” asked Sen. Risa Hontiveros.

READ: BSP to investigate GCash amid reports of unauthorized transfers

Prior to this, GXI, the company that operates GCash, already denied that the incidents were caused by hackers or other malicious actors and attributed the unauthorized deductions to errors in its ongoing “system reconciliation process.”

Gatchalian, for his part, said the DICT already investigated the matter in coordination with the Bangko Sentral ng Pilipinas.

“Based on the briefing that I got regarding this matter, the incident with GCash is not caused by external factors. It was caused by an internal glitch on the software and that has been the result of the investigation. From what I understand, GCash is already rectifying the issue,” said Gatchalian.

At this point, Hontiveros asked whether the DICT’s investigation was already final and if they were “satisfied” with their findings.

According to Gatchalian, the investigation is final unless the BSP decides to call on the DICT for additional technical investigation.

“But as far as the investigation goes, it’s an internal glitch or an internal error that created the issue with Gcash. The good thing is that the DICT did not detect any external hacking that transpired so it’s now incumbent upon Gcash to rectify their system,” he emphasized.