Answer VTC News On the morning of March 26, VNDirect's media representative said: “Currently the company is continuing to work with partners to fix all system errors that have occurred. The partner said that by Thursday morning (March 28) at the earliest, the problem could be fixed and operations could resume."
Regarding customer support policy, the representative replied: “It is currently impossible to assess how customers are affected. However, we will learn and evaluate to consider and propose appropriate policies."
Previously, early in the morning, a notice was posted on VNDirect's website with the content: “The VNDirect system is currently in the process of being repaired and reconnected. All customer information and assets are guaranteed to be safe and unaffected.
The incident only affects customers' current transactions. We are in the process of reconnecting the system. Due to the large amount of data, it is taking longer than expected. We sincerely apologize for your inconvenience and hope to receive your understanding."
Thus, the company's online trading system has stopped working since 10:24 a.m. March 3 until now, after being attacked by an outside party.
During yesterday's stock trading session, millions of VNDirect customers could not trade through this system. Previously, the company announced that by the morning of March 25, it had fixed the problem, was in the process of reconnecting transactions and expected to restore it in the early afternoon of March 3.
While VNDirect cannot connect, the websites of many companies related to this company are also inaccessible. Specifically, when investors access the website of the Postal Insurance Corporation (PTI), they only receive a notification confirming the system has been attacked.
The websites of companies such as: IPA Securities Investment Management Company (IPAAM), IPA Investment Group (IPA), and Homefood Food Joint Stock Company are also inaccessible.
In this context, despite the commitment that assets and personal information are not affected, many investors are still worried when the situation of being unable to trade is prolonged.
On a stock investment group with nearly 500.000 members, Man Nhi's account expressed: "Investors using the VNDIRECT app are now sitting on fire. My 10 stocks collapsed to the floor and I could only watch, unable to do anything. I wonder if I can still go to the headquarters to register to sell tomorrow?".
Investor Khang Duy also commented: “If you can't access the system, you can't trade, you can't transfer or withdraw money. Assets are no different from being frozen".
Investor Quyen Quyen said: “When I reopen, I'll sell everything. With this weakness, I'll lose hundreds of millions".
Meanwhile, investor Tung Nguyen commented: “If not handled quickly, a significant amount of money poured into the market will be lost, while VND fixes the system.".
According to sources of VTC News, representative of the Department of Cyber Security and High-Tech Crime Prevention and Control (A05, Ministry of Public Security), said that the unit is currently investigating and verifying that VNDirect's system was attacked.
The State Securities Commission (SSC) also warned about VNDirect's incident. Accordingly, the State Securities Commission requires companies to ensure that information technology (IT) systems and backup databases operate safely and continuously according to regulations.
Proactively review and immediately check security plans for the company's IT system, especially stock trading systems and systems connected to the Internet to promptly fix security holes ( if any).
Perform audits of online transaction processes; risk control process; system and data backup procedures; management and operation processes of IT systems; Develop measures to respond to and overcome potential security risks.
In case the company detects signs of insecurity, it must be proactive and focus resources to handle and overcome.
The State Securities Commission also requires companies to seriously and urgently carry out and report the results of review, inspection, and remedial plans (if any) to the State Securities Commission and relevant units before April 1, 4.