Vietnam’s digital economy found itself under the spotlight this week as two major technology stories unfolded, sending ripples through the business and consumer communities alike. On October 14, 2025, Vietnam Airlines issued an official statement confirming a significant data breach involving its online customer care platform, while just a day earlier, Vimo/MPOS—a key payment service provider within the NextTech ecosystem—publicly denied rumors circulating online about a suspension of its payment operations. Both developments highlighted the growing challenges of data security and trust in Vietnam’s rapidly evolving fintech and digital services landscape.
According to a statement released by Vietnam Airlines and reported by CAFEF, the airline detected unauthorized access to a portion of its customer data processed through an online platform supplied by a global technology corporation. The breach was not isolated to Vietnam Airlines alone; the company was among a group of 39 international businesses affected by a cyberattack linked to the notorious hacker group Scattered LAPSUS$ Hunters. The group targeted the systems of Salesforce, a major provider of customer relationship management (CRM) solutions, in June 2025, as confirmed by Bloomberg. Other high-profile companies impacted included Google, Cisco, Disney, and FedEx.
Vietnam Airlines moved swiftly after receiving the alert. The airline "immediately coordinated with authorities, cybersecurity experts, and technology partners to investigate the incident, assess the extent of the breach, and strengthen data protection measures," the company said in its official communication. Importantly, the airline emphasized that all sensitive information—such as credit card details, payment data, passwords, travel itineraries, passport numbers, and Lotusmiles loyalty account balances—remained secure and unaffected by the breach as of October 14. Furthermore, the airline’s internal IT systems were not compromised.
To address customer concerns, Vietnam Airlines pledged to notify affected individuals directly and provide guidance on protective measures via email. The company urged customers to stay vigilant against potential phishing attempts, cautioning them not to share personal information, one-time passwords (OTP), or log into unverified systems. "Vietnam Airlines apologizes for the incident and any concerns it may have caused customers," the company stated, reiterating its commitment to safeguarding personal data and maintaining customer trust.
The breach’s scope remains a matter of concern. Sources cited by Bloomberg and other outlets estimate the number of Vietnam Airlines customer records exposed could range from 7.3 million to as many as 23 million, with the leaked data covering the period from November 23, 2020, to June 20, 2025. The Scattered LAPSUS$ Hunters group reportedly demanded a ransom from Salesforce, but after being rebuffed, proceeded to publicly disclose the stolen data, impacting multiple global enterprises in one fell swoop.
While Vietnam Airlines was grappling with the aftermath of the breach, Vimo/MPOS, a major player in Vietnam’s digital payments sector, found itself countering a different kind of crisis: social media rumors. On October 13, Vimo/MPOS released a formal statement—reported by SohaNews—categorically denying rumors that it had suspended or planned to suspend its mPOS, QR, or payment services. The company assured the public that "all mPOS, QR, and payment services continue to operate normally with no plans for suspension as of October 13, 2025."
Vimo/MPOS further explained that it was working closely with authorities to investigate and address the spread of misinformation, which had threatened to undermine customer confidence and the company’s reputation. The company advised partners and customers to rely solely on official information channels, including its website, fanpage, and hotline, for any updates or clarifications. "Vimo reaffirmed its commitment to stable, safe, and transparent operations, ensuring continuous payment transactions for customers," the company stated.
The statement also addressed another matter that had fueled speculation: the AntEx digital currency project. Vimo clarified that AntEx was a personal investment by Nguyen Hoa Binh (widely known as Shark Binh), and that the project had no connection to Vimo’s business operations or ownership. The company emphasized that Mr. Do Cong Dien, its current legal representative, was responsible for all company activities. This clarification came in the wake of an ongoing police investigation in Hanoi into complaints related to the AntEx project, which reportedly involved individual losses of around 2,000 USD. According to police statements at a Ministry of Public Security press conference, multiple departments—including those specializing in cybersecurity, economic, and criminal investigations—were actively involved in the case.
NextTech, the parent ecosystem of Vimo/MPOS, has a storied history in Vietnam’s tech sector. Founded in 2001 as PeaceSoft with a modest initial capital of just 2 million VND, the company rebranded as NextTech Group in February 2013 and rapidly expanded its portfolio. By 2020, Nguyen Hoa Binh had become the major shareholder and chairman, holding 70% of the capital, with other key stakeholders joining and leaving over the years. The company’s financial trajectory, however, has seen dramatic shifts: after raising its charter capital to 500 billion VND in late 2020, NextTech’s registered capital plummeted to just 4.2 billion VND by October 2023. Ownership remained concentrated, with Mr. Binh retaining 70%, Mr. Nguyen Huy Hoang holding 29.5%, and a new minor shareholder, Phuc An Hai Investment Co., Ltd., appearing with a 0.5% stake.
Similar capital fluctuations were observed at Ngân Lượng, NextTech’s payment intermediary subsidiary. Established in 2012 with an initial capital of 52.7 billion VND, Ngân Lượng’s capital soared to nearly 370 billion VND before dropping sharply to about 52 billion VND by early 2024—a decrease of over 85%. Such volatility reflects broader trends in Vietnam’s fintech sector, where rapid expansion is often followed by periods of consolidation and restructuring.
Both the Vietnam Airlines data breach and the Vimo/MPOS rumor episode underscore the challenges facing digital businesses as they navigate an environment fraught with cyber threats, misinformation, and shifting consumer expectations. For Vietnam Airlines, the incident serves as a stark reminder of the vulnerabilities inherent in relying on third-party technology platforms—no matter how globally established they may be. For Vimo/MPOS and the wider NextTech ecosystem, the episode highlights the importance of clear communication, transparency, and robust crisis management in maintaining public trust amid the relentless churn of social media speculation.
As Vietnam’s digital economy continues to grow, these events offer a sobering lesson: the race to innovate must be matched by an equally strong commitment to security, transparency, and customer care. Only by doing so can companies hope to weather the storms of a digital age where trust is hard-won—and easily lost.
