CIC hacked: Exploitation and sharing of leaked data will be handled

The Vietnam Cyber ​​Emergency Response Team (VNCERT) has just announced that it has received a report of a cyber security incident occurring at the National Credit Information Center (CIC). Initial reports show signs of personal data breach.

Immediately after receiving the information, the Department of Cyber ​​Security and High-Tech Crime Prevention directed VNCERT to preside over and coordinate with enterprises providing network information security services including Viettel , VNPT, NCS, along with CIC and functional units of the State Bank. The parties have synchronously deployed technical and professional measures to respond, verify and ensure network security. At the same time, related data and evidence were also collected for processing in accordance with the provisions of law.

Initial verification results show signs of cybercrime attacks and intrusions with the aim of stealing personal data. The amount of illegally acquired data is still being counted and clarified.

VNCERT requires organizations and individuals to absolutely not download, share, exploit or use leaked data without permission. Violations will be handled according to the law.

In addition, VNCERT recommends that agencies and businesses, especially financial and banking institutions, proactively review and implement compliance with TCVN 14423:2025 standards on network security for important information systems. People are also advised to be vigilant and avoid the risk of having their personal information exploited to spread malware, commit fraud and misappropriate property.

It is known that on September 9, on a foreign forum, an international hacker group advertised for sale CIC's information data. CIC reported to the Department of Cyber ​​Security and High-Tech Crime Prevention (A05) according to regulations, and coordinated with A05 and network security partners to strengthen the security and safety of the system.

CIC said that the above incident has not affected the system in any way, all CIC operations are still running normally.

On September 9, the State Bank issued a notice advising people to be cautious of high-tech fraud. The State Bank said that recently, high-tech crime and financial fraud through electronic channels have tended to increase, with many sophisticated tricks such as: impersonating banks to send messages, spreading fake links/QR codes, impersonating police agencies, courts, fraudulently recruiting "easy jobs with high salaries" from abroad, or using AI/deepfake technology to appropriate personal information and assets.

To protect people's rights and property, the Payment Department, State Bank of Vietnam recommends that people:

• Do not provide security information (password, OTP, card number, CVV, biometrics) to anyone in any form.

• Do not access or scan links, QR codes, or applications of unknown origin.

• Always check and verify information through the bank's official channels (website, application, call center).

• Actively protect your account: change your password regularly, enable balance fluctuation alerts, and limit money transfer limits.

• When detecting suspicious signs: immediately contact the bank's switchboard or the police.

• Be wary of invitations to invest in super-profitable projects and work abroad to avoid falling into "cross-border scams".

The State Bank said it will coordinate with credit institutions to continue implementing technical, legal and communication solutions to prevent high-tech crimes, but public vigilance and cooperation are key factors in preventing this problem.

Source: https://baodautu.vn/vu-cic-bi-hacker-tan-cong-khai-thac-chia-se-du-lieu-bi-lo-se-bi-xu-ly-d383819.html