DIE Group, suspected to be a new group of hackers from Vietnam, has allegedly attacked a branch of state-owned telecom giant VNPT, stealing private information of more than 50,000 users.
A recent post on the group’s Facebook page said it was having information including names, addresses, phone numbers and passwords used to sign in to VNPT services.
It said it has sent a warning about the hack to VNPT, but the company failed to take any action. So it decided to publish the information of around 10,000 customers on mega.co.nz, an online sharing service.
The Facebook post also said that the link was only shared between the group’s members, who were recommended not to spread the information further.
Bui Quoc Viet, a spokesman of VNPT, said there has been an attack but it received no warning from DIE Group.
Viet said hackers stole the customers’ information last week by penetrating into a search module at a branch of the group in the southern province of Soc Trang.
He said the data were secured on Saturday and that VNPT is working with authorities to make DIE Group legally responsible for the attack.
DIE Group removed the link on mega.co.nz that night.
Tran Quang Chien, who managed securitydaily.net, a website run by Vietnam Information Security Association which informed VNPT of the exposure, said the hackers were likely using SQL injection, in which malicious statements are inserted into an entry field to dump the database contents to the attacker.
Chien said the hackers might have also stolen the admin information of the page.
Information exposed by the group will benefit spammers, he said.