Consider the problem of mitigating the impact on data integrity of phasor measurement units (PMUs) given a GPS spoofing attack. We present a sparse error correction framework to treat PMU measurements that are potentially corrupted due to a GPS spoofing attack. We exploit the sparse nature of a GPS spoofing attack, which is that only a small fraction of PMUs are affected by the attack. We first present attack identifiability conditions (in terms of network topology, PMU locations, and the number of spoofed PMUs) under which data manipulation by the spoofing attack is identifiable. The identifiability conditions have important implications on how the locations of PMUs affect their resilience to GPS spoofing attacks. To effectively correct spoofed PMU data, we present a sparse error correction approach wherein computation tasks are decomposed into smaller zones to ensure scalability. We present experimental results obtained from numerical simulations with the IEEE RTS-96 and IEEE 300 test networks to demonstrate the effectiveness of the proposed approach.