HANOI (Reuters) – A large database in Vietnam containing data on creditors has been attacked by hackers, and the impact of the breach is still being assessed, according to the country’s cybersecurity agency as well as a document seen by Reuters.
The incident involves Vietnam’s National Credit Information Center (CIC), a unit managed by the State Bank of Vietnam, which stores sensitive information such as general personal details, credit payments, risk analysis, and credit card data.
“Initial investigation indicated signs of unauthorised access aimed at stealing personal data, with the extent of the breach still being assessed,” Vietnam’s cybersecurity agency said in a statement late on Thursday.
In a separate letter dated September 11, sent to financial institutions and seen by Reuters, CIC said it was investigating the incident.
It said it suspected the cyberattack had been orchestrated by the international hacker group Shiny Hunters, noting that the group was known for targeting global firms like Google, Microsoft, and Qantas.
“The incident has not disrupted operations or caused any damage, and the credit information service system remains fully functional,” the letter added.
Vietnam’s central bank did not respond to a request for comment. Reuters could not immediately contact Shiny Hunters.
Authorities did not disclose how many accounts might have been affected by the breach.
Investment bank JPMorgan said in a note to investors on Friday the incident could lead to higher costs for banks to improve cybersecurity and was a potential risk to deposit flows, but maintained its recommendation to stay invested in Vietnamese banks “barring a widespread impact or further incidents”.
In a 2024 cybersecurity report, Vietnamese military-run telecommunication firm Viettel said data leakage in Vietnam had surged sharply, with 14.5 million leaked accounts accounting for 12% of the global total.
(Reporting by Phuong Nguyen and Francesco Guarascio; Editing by David Stanway)
Comments