National credit info centre hacked, personal data at risk

September 12, 2025 - 10:25
VNCERT has issued a strict warning to all individuals and organisations, urging them not to download, share, or exploit any leaked data.
VNCERT confirms a cyberattack on the National Credit Information Center, with signs of personal data theft on Wednesday. — Illustrative photo

HÀ NỘI — A cybersecurity breach at the National Credit Information Center (CIC) has been confirmed by the Vietnam Cyber Emergency Response Center (VNCERT), with initial investigations pointing to a criminal cyberattack aimed at stealing personal data.

In a statement released late Thursday, VNCERT said it had received a report detailing a security incident at CIC, a critical data hub under the management of the State Bank of Vietnam.

Early findings indicate signs of unauthorised data access and potential personal information leakage.

After receiving the alert, the Department of Cybersecurity and High-Tech Crime Prevention directed VNCERT to lead the incident response.

The agency is now coordinating closely with major cybersecurity firms including Viettel, VNPT and NCS, along with CIC and relevant departments of the central bank.

Authorities have deployed a range of technical and investigative measures to contain the breach, verify its scope and safeguard the integrity of national financial data systems.

At the same time, evidence and data related to the incident are being collected for further legal action.

Initial assessments reveal that the breach was likely caused by a deliberate intrusion from cybercriminals targeting personal data. The extent and volume of compromised information are still under investigation.

In response, VNCERT has issued a strict warning to all individuals and organisations, urging them not to download, share, or exploit any leaked data. Violations will be handled in accordance with Việt Nam’s data protection and cybersecurity laws.

The agency also called on government bodies, businesses, particularly financial institutions and banks, to urgently review their information systems and ensure compliance with the national cybersecurity standard for critical infrastructure.

Meanwhile, the public is being advised to remain vigilant against online scams, phishing, and the misuse of personal data that could lead to malware infections or financial fraud.

Ngô Minh Hiếu, a cybersecurity specialist and founder of the anti-scam platform Chongluadao.vn, said on a Meta post that banks don't store critical data like credit card number or OTP or passwords in CIC, so credit transactions and information won't be affected in this breach. — VNS

E-paper