Hackers claim to have breached personal data of 100 million Zalo users

Hackers have made these claims public on social media, raising concerns about the security of one of the most widely used media platforms in Vietnam.

According to the hacker's post, sensitive information such as phone numbers, usernames, and display names of Zalo users were compromised.

A sample of the stolen data was allegedly shared as evidence. However, there has been no official confirmation or denial from Zalo or relevant authorities regarding the legitimacy of the breach.

The alleged breach has caused widespread concern among millions of Zalo users, many of whom use the app for personal and work communication, according to a report from website HackManac.

With access to phone numbers and usernames, cybercriminals can carry out phishing attacks or even identity theft.

Security experts are now warning Zalo users about the potential risks of cyberattacks and scams that are becoming more sophisticated. They advise users to always maintain high vigilance and take precautions to protect personal information.

Specifically, users should not click on strange or suspicious links, especially those sent via unsolicited messages, as these may be part of phishing campaigns aimed at hijacking accounts or sensitive information.

In addition, experts also advise users not to reply to messages of unknown origin or with content inviting them to download applications, software or participate in fake promotions, as these are common tricks that scammers often use to commit fraud.

Additionally, security experts recommend that users proactively protect their accounts by enabling two-factor authentication (2FA). This adds an extra layer of protection, requiring users to confirm their identity through an additional method, such as a confirmation code sent via SMS or an authenticator app, in addition to the usual password. This helps prevent bad actors from accessing the account even if they obtain the user's password.

In addition, users should also change their passwords periodically and avoid using easy-to-guess or duplicate passwords between different accounts. Changing passwords regularly and creating strong passwords, combining uppercase and lowercase letters, numbers and special characters, will help increase security and reduce the risk of being attacked.

While the extent of the breach is still unclear, security experts warn that even the disclosure of a small amount of personal information can pose a serious security risk. Information such as a full name, phone number, email address, or even a date of birth can be used by bad actors to conduct phishing attacks, take over accounts, or use social engineering to steal more sensitive data.

Leaked personal information can be the basis for more sophisticated attacks, including identity theft, bank account hacking, or financial fraud. Therefore, even if not all information is leaked, revealing a small portion can increase the risk of an attack and have unpredictable consequences.

Until there is more clarity on the extent and scope of the breach, users should maintain a high level of vigilance and caution in all online activities. This includes carefully checking links before clicking, avoiding interacting with messages from unknown or suspicious sources, and not sharing personal information over unsecured channels.

Users should also verify the authenticity of the information received, especially requests related to bank accounts, passwords or other sensitive data.

Up to now, Zalo has not made any official statement to confirm or deny the security breach that is attracting public attention.

The company's failure to provide details about the incident, including its severity, scope, and the remedial or investigation measures it is taking, has left users and the community wondering about the security of the platform and whether there are any potential risks to users' personal data.