According to the confirmation of the National Cyber Emergency Response Center (VNCERT), this incident is a cyber attack with signs of crime, appropriating personal data, and is considered one of the most serious data breaches in Vietnam to date.
9Pay affirms that it does not share or transmit any data of 9Pay and 9Pay customers to CIC. Therefore, all personal information, card information and transaction data of customers using 9Pay services are not affected by the incident at CIC.
9Pay system has been applying strict security measures, including: Always complying with personal data protection laws and having PCI DSS standards to ensure card information security. Strictly complying with regulations of the State Bank of Vietnam ; encrypting all payment information and personal identification; periodic quarterly review and assessment process; being independently assessed by international organizations annually.
In particular, 9Pay has been granted PCI DSS level 1 certification - the highest and most stringent level of the Payment Card Industry Data Security Standard, ensuring that all transactions through the 9Pay payment gateway comply with international security standards.
As a fintech specializing in digital payment platforms, 9Pay is serving hundreds of thousands of customers and transactions every day. Aware of the importance of payment data security, 9Pay is always proactive in reviewing all activities of storing, transmitting, protecting and using personal data throughout the process of operating products and services. At the same time, 9Pay also increases warning activities, consulting customers and partners against risks of data leakage and common forms of fraud, including: Impersonating banks/CIC to steal OTP, passwords; hot loan fraud, CIC debt cancellation; illegal registration of financial services (e-wallets, quick loans); spam/fraudulent advertising related to credit, debt.
Internally, 9Pay has issued specific regulations and instructions, requiring all employees to strictly comply with security principles: Do not share login information of internal systems; do not provide OTP/password via phone, email or unofficial channels; change passwords periodically, enable 2-layer authentication (2FA) for important accounts; be wary of fake messages/calls related to CIC, banks, loans; do not access/download files, links suspected of containing leaked data from recent attacks.
Mr. Nguyen Thanh Trung, CTO 9Pay said: 9Pay is committed to absolute protection of customer information, strictly complying with information security regulations and international security standards.
“We will continue to closely coordinate with the authorities, and at the same time step up propaganda and guidance so that customers and partners can be more vigilant against the increasing fraud tricks after the CIC incident,” Mr. Nguyen Thanh Trung affirmed.
Source: https://nhandan.vn/9pay-khang-dinh-an-toan-du-lieu-khach-hang-truoc-su-co-thong-tin-tin-dung-tai-cic-post907723.html
![[Video] Stop planning, appoint new leaders of the School Board](https://vphoto.vietnam.vn/thumb/402x226/vietnam/resource/IMAGE/2025/9/15/d424c984538049f28fce15d2066c711d)
![[Photo] Off-road racing: Adventure sport, attractive tourism product](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/14/45123bd29c884b64934da038d947d344)
Comment (0)