Vietnam Airlines has confirmed that some customers’ personal information, including full names, email addresses and phone numbers, was exposed in a recent data breach linked to its technology partner’s online customer service platform.
In an email sent to customers on Oct. 14, the national carrier said it was alerted after hackers uploaded 23 million customer records belonging to several companies, including Vietnam Airlines, on data-trading forums on Oct. 10. The leaked dataset contained information ranging from November 2020 to June 2025.
Read more…
Source: MSN News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Stayin’ Alive – targeted attacks against telecoms and government ministries in Asia
October 11, 2023
In the last few months, Check Point Research has been tracking “Stayin’ Alive”, an ongoing campaign that has been active since at least 2021. The campaign operates in Asia, primarily targeting the Telecom industry, as well as government organizations. The “Stayin’ Alive” campaign consists of mostly downloaders and loaders, some of which are used as ...
- Grayling: Previously unseen threat actor targets multiple organizations in Taiwan
October 10, 2023
A previously unknown advanced persistent threat (APT) group used custom malware and multiple publicly available tools to target a number of organizations in the manufacturing, IT, and biomedical sectors in Taiwan. A government agency located in the Pacific Islands, as well as organizations in Vietnam and the U.S., also appear to have been hit as ...
- New malware variant has “radio silence” mode to evade detection
March 7, 2023
The Sharp Panda cyber-espionage hacking group is targeting high-profile government entities in Vietnam, Thailand, and Indonesia with a new version of the ‘Soul’ malware framework. The particular malware was previously seen in espionage campaigns targeting critical Southeast Asian organizations, attributed to various Chinese APTs. Read more… Source: Bleeping Computer
- New PHP information-stealing malware targets Facebook accounts
October 16, 2022
A new Ducktail phishing campaign is spreading a never-before-seen Windows information-stealing malware written in PHP used to steal Facebook accounts, browser data, and cryptocurrency wallets. Ducktail phishing campaigns were first revealed by researchers from WithSecure in July 2022, who linked the attacks to Vietnamese hackers. Those campaigns relied on social engineering attacks through LinkedIn, pushing .NET Core ...
- Vietnamese attacker circumvents Facebook security with ‘DUCKTAIL’ malware
July 27, 2022
Security vendor WithSecure, which was spun out in March 2022 as F-Secure’s enterprise security arm, claims it’s found malware that targets Facebook Business accounts. “The threat actor targets individuals and employees that may have access to a Facebook Business account with an information-stealer malware,” states WithSecure’s report on the campaign. “The malware is designed to steal browser ...
- An unknown APT actor attacking high-profile entities in Europe and Asia
June 21, 2022
ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible for multiple sets of attacks detected since December 2020 against high-profile entities in Europe and Asia. We still have little information about this actor, but we know that its main distinctive signs are two formerly ...