Following a data breach incident at the National Credit Information Centre (CIC) of Vietnam, the public is warned by the policy to heighten vigilance against cybercrime activities, as perpetrators may exploit the leaked information to spread malware, carry out fraud, and appropriate assets.

Previously, the Vietnam National Cyber Emergency Response Centre (VNCERT), under the Authority of Cyber Security and High-Tech Crime Prevention (Ministry of Public Security), issued a statement regarding the personal data leak at the CIC.

The statement reported that on September 10, VNCERT received a report of a cybersecurity incident and signs of personal data breach at the CIC

Immediately upon receiving the information, the Authority of Cyber Security and High-Tech Crime Prevention directed VNCERT to lead and coordinate with professional units to involve network security service providers (Viettel, VNPT, NCS), CIC, and functional units of the State Bank of Vietnam. Their task was to verify information about the incident, implement appropriate professional and technical measures for initial remediation, strengthen cybersecurity solutions, and collect evidence for legal processing.

Initial verification results indicated that data related to credit activities, loan products, and individual contracts may have been leaked. The exact quantity of illegally acquired data is still being compiled and clarified.

VNCERT requests that all organizations and individuals refrain from independently downloading, sharing, exploiting, or using the aforementioned data. Intentional violations will be dealt with according to the law.