Vietnam Warns of Data Theft After Credit Center Hack

Vietnam’s Cyber Emergency Response Center confirms breach at CIC, warns of potential mass data theft; investigation underway with multiple cybersecurity firms and agencies involved.

Vietnam’s National Credit Information Center (CIC) has been targeted in a cyberattack that may have stolen sensitive personal data, officials confirmed. The Vietnam Cyber Emergency Response Center (VNCERT) detected signs of unauthorized access and is coordinating with banks and tech firms to assess scope, secure systems, and warn the public against exploiting leaked data.

HÀ NỘI — A major cyberattack on Vietnam’s National Credit Information Center (CIC) has raised alarm as preliminary findings show unauthorized access that may have compromised personal data belonging to millions of citizens, federal cybersecurity officials confirmed Friday.

• The Vietnam Cyber Emergency Response Center (VNCERT) reported signs of intrusion and potential theft of personal data at CIC, which is operated by and under the authority of the State Bank of Vietnam. vietnamnews.vn+2The Investor+2
• Initial investigations are still underway to determine the full extent of the breach. Hindustan Times+2vietnamnews.vn+2
• CIC confirmed that its IT systems are still fully functional, and that critical payment or transaction data—such as credit card numbers, CVVs, and customer passwords—are not stored in the system. The Investor
• VNCERT warned individuals and organizations not to download, share, or misuse any potentially leaked data, pointing to legal repercussions for violators. vietnamnews.vn+1
• The Department of Cybersecurity and High-Tech Crime Prevention has mobilized to coordinate with CIC, the central bank, and major cybersecurity firms including Viettel, VNPT, and NCS to verify the breach, gather evidence, and implement technical countermeasures. vietnamnews.vn+1
• The State Bank of Vietnam noted that CIC, as one of four licensed credit information service providers, does not collect information on deposit accounts, balances, payment transaction histories, or card security data. The Investor

1. State Bank of Vietnam (SBV): “Credit information collected by CIC according to the law does not include information about deposit accounts … credit card numbers, CVV/CVC, transaction history.” The Investor
2. Cybersecurity expert Ngô Minh Hiếu, founder of Chongluadao.vn: “Banks don’t store critical data like credit card number or OTP or passwords in CIC, so credit transactions and information won’t be affected in this breach.” vietnamnews.vn+2TechRadar+2
3. VNCERT official (unnamed): “Initial investigations indicate signs of unauthorized data access and potential personal information leakage.” vietnamnews.vn+1

Historical or Geopolitical Context:
Vietnam has seen a sharp rise in data leaks and cyber incidents in recent years. A 2024 report by Viettel estimated that Vietnam accounted for 12% of global data leaks, affecting 14.5 million accounts. Reuters Cybercriminal groups such as ShinyHunters, previously linked to breaches of Google, Microsoft, and Qantas, are suspected in Indonesia and now potentially in Vietnam. Reuters+1

Technical Analysis

How the Incident Occurred & Possible Attack Vectors:

• Authorities have not publicly disclosed the exact method of intrusion. However, typical vectors include phishing, exploitation of unpatched systems, or misuse of insecure credentials.
• Third-party reports (such as on DataBreaches.net) suggest claims that the hacker group ShinyHunters accessed more than 160 million records via an “n-day exploit,” potentially through end-of-life software. These claims remain unverified by Vietnamese authorities. DataBreaches.Net

Affected Systems:

• The breach centers on the CIC database that holds personally identifiable information (PII), credit risk analysis, identity numbers, and potentially government IDs—not actual credit card or banking transaction data. DataBreaches.Net+1

Mitigations and Remediations:

• VNCERT has mobilized emergency response protocols, issued legal warnings, and activated containment measures.
• Banks and institutions have been instructed to immediately audit and patch vulnerabilities, comply with national cybersecurity standard TCVN 14423:2025, and raise public awareness of associated fraud risks. Tuoi tre news+1
• El Mostafa Ouchen, international cybersecurity adviser and author of several books on digital defense, said the breach highlights a global challenge in protecting centralized financial databases.
  “Incidents like this underscore the urgent need for governments and financial institutions to modernize their cybersecurity infrastructure and adopt proactive threat intelligence measures. Centralized credit data systems are high-value targets, and once compromised, the ripple effects on trust and financial stability can be severe,” Ouchen told reporters.

Impact & Response

Who Is Affected:

• Potentially millions of Vietnamese citizens whose PII is stored in CIC’s centralized credit database may be at risk. The actual number of affected records has not yet been confirmed. vietnamnews.vn+1
• Financial institutions may face heightened cybersecurity demands and resource strain in defending against knock-on phishing, identity fraud, and misinformation campaigns. Reuters

Actions Taken:

• VNCERT, the central bank, and public security departments are coordinating investigative and protective operations.
• Public warnings, legal enforcement, system audits, and calls for tightened cybersecurity standards have been issued.

Possible Long-Term Implications:

• Heightened scrutiny on data protection practices, with potential regulatory reforms.
• Increased cybersecurity spending across the banking sector.
• Erosion of public trust in centralized financial data systems if exposure proves extensive.

Background

• Rising Cyber Incidents in Vietnam: In 2024, 14.5 million accounts in Vietnam were exposed in data leaks. Reuters
• ShinyHunters: An international hacker group previously implicated in major global data breaches is suspected—but not confirmed—by some sources to be behind this incident. Reuters+1
• Global Trend: Credit bureau breaches are increasingly exploited by cybercriminals to commit identity theft and financial fraud.

Conclusion

Vietnam’s breach of the National Credit Information Center exemplifies growing global challenges in protecting centralized financial data. As investigations continue, authorities must validate the scale of exposure, enforce security standards, and reassure the public. Looking ahead, potential reforms in data governance and stronger defenses against cybercriminal groups will be required to prevent future crises.