CMC Corporation suffered a ransomware attack targeting a small-scale technical service within its system. The breach resulted in the compromise of approximately 2 TB of sensitive data, including critical token data, database information, and website assets from multiple databases in their data center. While the company activated emergency response protocols to minimize downtime, the attack did not impact customers directly. However, the incident highlights the broader threat landscape in Vietnam, where ransomware infected 156,000 computers in 2023, causing financial losses, operational shutdowns, and reputational damage. CMC is collaborating with Vietnam’s Ministry of Public Security to investigate the attack. Though customer data remained unaffected, the exposure of internal systems and proprietary data poses significant operational and security risks, aligning with trends where businesses face billions in damages from similar cyber incidents globally.
Source: https://vir.com.vn/cmc-corporation-hit-by-ransomware-attack-126485.html
TPRM report: https://www.rankiteo.com/company/cmc-corporation
"id": "cmc2062120092525",
"linkid": "cmc-corporation",
"type": "Ransomware",
"date": "6/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 'None',
'industry': 'Technology/IT Services',
'location': 'Vietnam',
'name': 'CMC Corporation',
'type': 'Corporation'}],
'customer_advisories': 'No impact on customers reported',
'data_breach': {'data_exfiltration': 'Yes (2 TB of data compromised)',
'sensitivity_of_data': 'High (sensitive data)',
'type_of_data_compromised': ['Critical token data',
'Database information',
'Website assets']},
'description': 'Due to the attack, approximately 2 TB of sensitive data was '
'compromised, including critical token data, database '
'information, and website assets sourced from various '
'databases, all housed within their data centre. The company '
'detected signs of an attack on a small-scale technical '
'service in the system and activated emergency response '
'procedures, minimizing downtime without affecting users. The '
'system has been restored and is operating stably. CMC is '
'coordinating with the Ministry of Public Security’s '
'Department of Cyber Security and High-tech Crime Prevention '
'to investigate the cause.',
'impact': {'data_compromised': '2 TB (including critical token data, database '
'information, and website assets)',
'downtime': 'Minimal (shortened interruption time)',
'operational_impact': 'None (no impact on users reported)',
'systems_affected': ['Small-scale technical service in the system',
'Data centre databases']},
'investigation_status': 'Ongoing (coordinating with law enforcement)',
'ransomware': {'data_exfiltration': 'Yes (2 TB of data)'},
'references': [{'source': 'HookPhish'},
{'source': 'BKAV (Vietnam cybersecurity report)'},
{'source': 'Cybersecurity Ventures 2024'},
{'source': 'PeckShield and Immunefi (cryptocurrency theft '
'report)'}],
'regulatory_compliance': {'regulatory_notifications': 'Coordinating with '
'Ministry of Public '
'Security’s Department '
'of Cyber Security and '
'High-tech Crime '
'Prevention'},
'response': {'incident_response_plan_activated': 'Yes (emergency response '
'procedure activated)',
'law_enforcement_notified': 'Yes (coordinating with Ministry of '
'Public Security’s Department of '
'Cyber Security and High-tech Crime '
'Prevention)',
'recovery_measures': 'System restored and operating stably'},
'title': 'Ransomware Attack on CMC Corporation',
'type': 'Ransomware Attack'}