# ShinyHunters Attack National Credit Information Center of Vietnam
The National Credit Information Center (CIC) of Vietnam, responsible for storing credit data for the country's nearly 100 million citizens, has been hit by a devastating cyberattack by the notorious ShinyHunters group. The attack, confirmed by the Vietnam Cyber Emergency Response Team (VNCERT), revealed signs of unauthorized access aimed at stealing sensitive personal information.
The breach was carried out using an "n-day" vulnerability in end-of-life software used by the CIC, a known but unpatched flaw that left the system vulnerable to exploitation. As a result, ShinyHunters claimed to have acquired multiple records containing references to leading financial institutions in Vietnam, including VietCredit, MB Bank, Ocean Bank, VPBank, Sacombank, and Agribank.
In contrast to many ransomware attacks, ShinyHunters did not attempt to extort the CIC. Instead, they listed the data for sale on a hacking forum on the Dark Web, providing a large sample as proof of their capabilities. This brazen move highlights the cunning nature of ShinyHunters, one of the most prolific and notorious cybercriminal groups over the past five years.
ShinyHunters' exploits have been well-documented, with high-profile data breaches affecting hundreds of millions of users worldwide. The group's modus operandi has evolved from large-scale database thefts to sophisticated social engineering and cloud platform attacks. Their operations often target sensitive information, leaving victims vulnerable to identity theft, financial fraud, and systemic instability.
The breach at the CIC poses a significant threat to Vietnam's credit data, as breaching this single point of failure could have far-reaching consequences for nearly the entire population. Law enforcement agencies and data protection regulators are launching an official investigation into the incident, with the Department of Cybersecurity of Vietnam mobilizing state-owned technology partners like Viettel, VNPT, and NCS to assess the scope of the breach.
The State Bank of Vietnam (SBV) has issued a statement reassuring clients that CIC is one of four organizations authorized to provide credit information services in Vietnam. While the credit data itself does not include sensitive bank account information, other types of Personal Identifiable Information (PII) are likely to be impacted by the breach and could still be used by fraudsters.
Cybersecurity experts warn that such incidents can have cascading effects, including increased risk of identity theft, financial fraud, and systemic instability. In response to the breach, VNCERT has issued a strict warning to all individuals and organizations, urging them not to download, share, or exploit any leaked data.
The incident highlights the importance of cybersecurity in Vietnam's financial sector. Investment bank JPMorgan notes that the breach could lead to higher costs for banks to improve cybersecurity and is a potential risk to deposit flows. However, the bank maintains its recommendation to stay invested in Vietnamese banks "barring a widespread impact or further incidents."
Stay safe online, and follow me on Twitter: @securityaffairs and Facebook and Mastodon for the latest security news and updates.