Many passengers at Noi Bai and Tan Son Nhat airports panicked when flight information changed on screens and false information was seen at most check-in counters on Friday afternoon.
Screens displaying flight information at the two airports were seen containing distorted information about the South China Sea, which Vietnam calls the East Sea.
The sound systems were also taken over. Authorities also realized that a strange message had been airing for about four minutes, and turned off the entire loudspeaker system.
Deputy Minister of Transport Nguyen Nhat said that the hackers had only gained access to the interface of the screens showing Vietnam Airlines’ flight information at Noi Bai and Tan Son Nhat, not the search or booking system. Flight control and security had not been affected.
The website of Vietnam Airlines was also breached at 4 p.m. Friday by hackers who posted an announcement saying that the site had been hacked and the content changed.
An insulting recording about Vietnam and the Philippines was posted, along with a message regarding China's claims to the South China Sea. Hacking group 1937cn claimed responsibility for the attack.
At the bottom of the site there was a link to pastebin.com which contained options to download an Excel file. The file was 100MB and contained confidential data including names, dates of birth and addresses of 400,000 members of Vietnam Airlines' frequent fliers club, Golden Lotus.
Some of the details also included position, workplace and phone number. VnExpress has run a random check on 10 accounts and confirmed that they are real.
The screens at Noi Bai Airport were off this afternoon, and passengers were delayed at check-in counters. Photo by H.S.
At 5:30 p.m, the user interface on the Vietnam Airlines site returned to normal, but changes on the company’s subdomain at http://glp.vietnamairlines.com/ remained until some time later.
According to security expert Nguyen Hong Phuc, the confidential data leaked by the group came from a successful breach of Vietnam Airlines' client database. To minimize risks, Phuc urged Golden Lotus members to change their passwords immediately.
More security officers have been deployed at Noi Bai Airport. Photo by Hai Linh.
The Ministry of Transport has asked the Ministry of Public Security to investigate.
As of May 2015, over 200 Vietnam’s websites had been attacked by groups from China, mostly 1937cn. According to security experts, website 1937cn.net was established to provoke and attack Vietnamese websites.
1937cn is known as the most notorious hacker group in China with over 40,000 attacks launched recently, according to Chinese hacker ranking site hack-cn.com.
On July 12, an international arbitration tribunal ruled in favor of the Philippines, rejecting China's sweeping claim to large swaths of the South China Sea. China has dismissed the ruling as a "farce".
In June of last year, amid territorial disputes in the South China Sea, 1937cn attacked the website of the University of Santo Tomas' Museum of Arts and Sciences in the Philippines, leaving similar provocative messages.