Vietnam’s National Credit Information Center (CIC) has been hit by a cyberattack from the notorious ShinyHunters group, resulting in the theft of personal data. The Vietnam Cyber Emergency Response Team (VNCERT) confirmed that signs of unauthorized access were found with the intent to steal data.
The attackers claimed to have exploited a known but unpatched vulnerability in end-of-life software used by the CIC. Because the software was no longer supported, it lacked available security patches, leaving the system especially vulnerable. Unlike many other cyberattacks that demand a ransom, ShinyHunters did not attempt to extort the CIC. Instead, they immediately listed the stolen data for sale on a hacking forum on the dark web, providing a large sample as proof.
The State Bank of Vietnam (SBV) issued a statement to reassure clients following the breach, confirming that the credit data collected by the CIC does not include sensitive financial information like bank account numbers, credit card numbers, or transaction histories. However, other personal information like contact details and payment identifiers were likely impacted and could still be used by fraudsters. The central bank emphasized that commercial banks’ IT systems continue to operate safely, ensuring the protection of clients’ assets and information.
Because of its role as a centralized repository for Vietnam's credit data, the CIC was a particularly attractive target. Authorities launched an official investigation to determine the full extent of the breach and mobilized the Department of Cybersecurity and state-owned technology partners to assess the incident’s scope. VNCERT has issued a strong warning to all individuals and organizations against downloading, sharing, or exploiting any of the leaked data, reminding them that violations will be handled in accordance with local data protection laws. Experts from investment bank JPMorgan noted that the incident could lead to higher cybersecurity costs for Vietnamese banks.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
