Customers should think carefully before providing personal information on the Internet. (Source:genk.vn)Hanoi (VNS/VNA) - The State Bank of Vietnam (SBV) has issued a decreeasking businesses to enhance customer information privacy after an alleged breachof mobile retail chain The Gioi Di Dong (Mobile World) revealed personalinformation of more than five million customers.
Thebreach hit the headlines last week after a hacker posted three files includingmore than five million emails, 31,000 bank card numbers and transactionhistories on RaidForums.
TheGioi Di Dong quickly denied it was the source of the stolen data. The companysaid it did not store any information related to customers’ bank card numbersor transaction history, adding that banking information is processed by paymentservice providers, meaning the information could not have been stolen from TheGioi Di Dong. The company said its information system was safe and operatingnormally.
On November10, the Authority of Information Security under the Ministry of Information andCommunications said it had found nothing to indicate The Gioi Di Dong’s systemhad been hacked.
Afterworking with the company, the Authority of Information Security said the emailsand bank numbers were likely collected from other sources and did not haveanything to do with The Gioi Di Dong.
Still,the breach was alarming. The origin of more than five million emails and 31,000bank card numbers has not been identified.
TheSBV asked payment service providers and intermediaries to work with The Gioi DiDong to identify the cause and monitor the transactions of cards involved inthe breach to protect customers.
Thecentral bank also asked payment service providers to comply with customers’information privacy regulations.
TheSBV said in a note on its website on November 10 that initial reports frombanks had not found any cases of account appropriation of customers with cardsexposed by the breach. However, the breach caused security concerns amongcustomers.
Thecentral bank said it would work closely with other management agencies touncover the hackers and their motives and dole out punishments in accordancewith established laws.
Severaldays after The Gioi Di Dong’s alleged breach, a hacker posted data which wassaid to be stolen from baby product retailer Concung.com and threatened to publish data stolen from technologyretail chain FPT Shop.
Accordingto security forum WhiteHat, the data said to have been taken from Concung.com included names, positions and working addresses ofmore than 2,200 employees. More than 2,100 phone numbers, 1,130 emails, 2,200identity card numbers and 1,390 portraits were also revealed.
Accordingto the Authority of Information Security, cyber attacks designed to stealpersonal information of customers became more common in 2018.
InDocument No 8511/NHNN-TT, the authority asked firms to enhance customer privacyand information security.
Datacollection, storage, processing and transmitting must be encoded to comply withsecurity regulations.
Theauthority urged customers to think carefully before providing personal informationto online services and to regularly change passwords.
NgoAnh Tuan from security company BKAV said enterprises should invest in securitysystems, especially firms with retail stores and online marketplaces.-VNS/VNA
VNA
