Vietnam investigates cyberattack on creditors’ data
Vietnam’s National Credit Information Center (CIC), which is overseen by the State Bank of Vietnam, has suffered a cyberattack targeting its database of creditors’ information. Authorities said the breach involved unauthorized access aimed at stealing personal data such as identities, credit payments, risk assessments, and credit card details.
The cybersecurity agency confirmed the investigation is ongoing, while CIC separately notified financial institutions in a September 11 letter, suspecting that the attack was carried out by the hacker group Shiny Hunters—a collective notorious for targeting companies like Google, Microsoft, and Qantas.
Officials stressed that CIC’s systems remain functional, with no disruption to operations or visible damage. However, the scope of the data leak has not been disclosed. Vietnam’s central bank declined to comment, and Shiny Hunters could not be reached.
JPMorgan analysts warned that while the incident does not yet pose a systemic risk, it may lead to higher cybersecurity costs for Vietnamese banks and could potentially affect deposit flows if further breaches occur.
Vietnam has already been grappling with a rising wave of data leaks. A 2024 report by telecom giant Viettel noted that 14.5 million leaked accounts in Vietnam represented 12% of global total leaks, underscoring the country’s growing vulnerability to cybercrime.