164 million Vietnamese records found in world’s historic data breach

A database 12 terabytes in size was involved in a data breach, considered to be the largest in history, according to reports from security firms Security Discovery and Cyber News, Forbes reported on Tuesday.

Chinese firm Tencent was considered to be the most heavily affected company by the data breach, with 1.5 billion among their 2.6 billion personal records on multiple platforms being leaked. It is followed by Weibo with 504 million records, Myspace with 360 million records, X with 281 million records, LinkedIn with 251 million records and Zing with 164 million records, Mashable reported.

Among the leaked data were also records involving non-profit organizations of the U.S., Brazil, Germany, Turkey and the Philippines.

Among the leaked records, there were accounts with the suffix @Zing.vn, which were filed under the Zing.vn folder.

Zing is a brand name under VNG and is used for many of its services, including music platform Zing MP3, social media platform Zing Me and gaming platform Zing Play.

The identity of whoever collected these data has not been revealed. Analysts said the records may have come from data breaches in the past and may have been duplicates.

A representative of VNG confirmed that the records leaked in the latest data breach was from a previous leak on Raidforums in 2018, where over 163 million accounts were leaked by hackers.

“These were accounts created by the games and not users’ data. VNG has supported customers to switch to a new login system with higher security, and so far has not received any issue relevant to this,” the representative said.

Vu Ngoc Son, tech director of the Vietnam National Cyber Security Technology corporation, said data leaks often occur over long periods of time, meaning users’ data may have already been part of the databases being sold online. These data may have been stolen from several years prior, or until recently. Users should change their passwords, turn on multi-factor authentication and be wary of scam emails, whether or not they are victims of a data breach, he said.