November 7, 2023
Personal data[1] is of great value in today’s digital economy due to its advantages for businesses, such as market and customer analysis, advertising, product marketing, etc. Therefore, violations related to personal data such as attacks on personal data systems, and theft or trading of personal data have been increasing. Meanwhile, most enterprises and organizations do not fully comply with regulations on personal data protection.
In fact, the number of data leakages in Vietnam is considerable (personal data of more than two-thirds of the Vietnamese population is being stored, posted, shared, and collected on the Internet), even taking place in many large companies and corporations, which are recognized for their infrastructure to ensure information security. These businesses operate in many important and vital areas of life such as healthcare, finance, technology, etc.
There are some typical cases occurring in Vietnam recently:
Although the company’s representative, CTO Nguyen Minh Khoi affirmed that it was not Sapo customer data, but simulated information used in software programming, it still raised concerns about the level of data security for Sapo’s users.
Recently (15/5/2023), (15/5/2023), personal data which was believed to belong to customers of FPT brands such as FPT Edu, FPT Shop and FPT Long Chau was shared on Telegram. The hacker claimed that the leaked data was exploited by a systematic attack on a website in the chain of FPT. According to security experts, the information spread by the hacker was in a form that was quite similar to that extracted from the system’s database. However, FPT has not yet commented on this issue[7].
(Information about investigations and/or sanctions has not been made public)
In addition, there have been many cases of Vietnamese personal data leakages on many platforms, without being able to retrieve the data source, most notably the Raidforums. For example, the case of selling 17GB KYC data of nearly 10,000 Vietnamese people, including photos of identity cards, selfie photos/videos, addresses, phone numbers and email addresses. This data is likely to come from online lending applications, virtual currency exchanges, etc. Or the case of 119,000 data including email addresses, phone numbers and passwords of users believed to belong to a private insurance company also appeared on Raidforums;…
It can be seen that the disclosure of personal data at enterprises is very common, stemming from many reasons, both subjectively from enterprises and objectively from criminals. In order to protect your business from the risk of personal data leakage, directly affecting business operations and reputation, enterprises need to fully comply with regulations and apply advanced protection measures to minimize the possible risks./.
PrivacyCompliance provides solutions related to ensuring compliance with personal data, assessing the impacts of personal data processing, and DPO service. |
PrivacyCompliance
#data #personaldata #violation #Vietnam #crimminalcases
[1] “Personal data” refers to electronic information in the form of symbols, letters, numbers, images, sounds, or equivalences associated with an individual or used to identify an individual.
[2] https://vtc.vn/website-cua-vietnam-airlines-bi-hack-lo-thong-tin-khach-hang-ar268720.html
[3] https://dantri.com.vn/suc-manh-so/vng-len-tieng-ve-su-co-160-trieu-zing-id-bi-lo-thong-tin-ca-nhan-20180427221703028.htm
[4] https://tuoitre.vn/thong-tin-mot-so-khach-hang-o-maritime-bank-nghi-bi-danh-cap-20191122100004909.htm
[5] https://vietnamnet.vn/benh-vien-tu-du-giai-thich-nguyen-nhan-lo-thong-tin-cua-san-phu-2052946.html
[6] https://vietnamnet.vn/nhieu-du-lieu-thong-tin-cua-nguoi-dung-viet-bi-rao-ban-tren-mang-i5006685.html
[7] https://vietnamnet.vn/nghi-van-khoi-giao-duc-fpt-bi-tan-cong-mang-gay-lo-lot-du-lieu-2143846.html
[8] https://congly.vn/xet-xu-nhom-bi-cao-mua-ban-trai-phep-so-dien-thoai-ca-nhan-235288.html
[9] https://vneconomy.vn/lap-trinh-vien-ban-thong-tin-du-lieu-ca-nhan-thu-loi-hon-279-trieu-dong.htm
[10] https://congan.hatinh.gov.vn/bai-viet/lap-nhom-data-khach-hang-tiem-nang-de-mua-ban-thong-tin-ca-nhan_1675689390.caht
[11] https://thanhnien.vn/pha-2-duong-day-mua-ban-trai-phep-thong-tin-ca-nhan-thu-loi-bat-chinh-tien-ti-1851517100.htm
[12] https://bocongan.gov.vn/tin-tuc-su-kien/cong-an-tinh-quang-nam-dieu-tra-thu-doan-cua-cong-ty-mirae-asset-mua-ban-15000-du-lieu-ca-nhan-d17-t33772.html
[13] https://vov.vn/chinh-tri/bo-cong-an-dang-dieu-tra-vu-rao-ban-30-trieu-du-lieu-ca-nhan-post962302.vov
[14] https://nhandan.vn/se-thanh-tra-toan-dien-viec-bao-dam-an-toan-du-lieu-thong-tin-ca-nhan-post723221.html
Do foreign enterprises have to store their data in Vietnam? In this day and age, data in general is increasingly becoming more and more valuable. Most service-based companies live off data collected from their clients, prime examples of this type of companies include social media networks such as Facebook or search engines such as Google […]
Learn more
The Decree on personal data protection has been officially issued On April 17, 2023, the Decree on Personal Data Protection has been issued as Decree No. 13/2023/ND-CP (hereinafter referred as “Decree”) and officially takes effect on July 1st, 2023. This is the first legal document that directly regulates the issue of personal data in Vietnam, […]
Learn more
Managing spam messages and calls in Vietnam Spam messages and calls have been defined as advertising messages and calls which are made without users’ prior consent as well as not being under the receiving responsibility of the recipients. So the question to be raised is why, despite the unwillingness to receive advertising information, do people […]
Learn more