SBV confirmed that CIC is one of four organisations authorised to provide credit information services in Vietnam, and the credit data it collects does not include bank account numbers, account balances, savings books, payment accounts, debit or credit card numbers, CVV/CVC codes, or clients’ transaction histories.

In its statement, the central bank emphasised that commercial banks’ IT systems continue to operate safely and stably, ensuring the protection of clients’ assets and information. It regularly directs financial institutions to strengthen security measures, comply with legal regulations on IT safety, and safeguard customers’ rights.

Regarding the incident, the Vietnam Cyber Emergency Response Team (VNCERT) has identified signs of cyberattacks targeting the theft of personal data at CIC. The amount of data illegally accessed is still being assessed. VNCERT has warned organisations and individuals not to download, share, or exploit the data, as violations will be handled according to the law.

Clients are advised to follow official guidance from authorities and financial institutions to protect their information, and to remain vigilant against scams, malware, or fraudulent attempts exploiting this incident.

The central bank reaffirmed that clients’ accounts, transactions, and financial information remain safe.

National credit info centre hacked, personal data at risk

A cybersecurity breach at the National Credit Information Center (CIC) has been confirmed by the Vietnam Cyber Emergency Response Center (VNCERT), with initial investigations pointing to a criminal cyberattack aimed at stealing personal data.