Vietnamese technology company with gaming, payments, cloud, and internet services.
In May 2015, VNG Corporation’s Zing.vn platform suffered a data breach that exposed over 163 million user accounts (about 25 million unique email addresses). The compromised data included usernames, unsalted MD5 password hashes, emails, phone numbers, names, dates of birth, genders, IP addresses, home addresses, marital statuses, and occupations. The breach became public in April 2018 when the data appeared on hacking forums and was later added to Have I Been Pwned (via dehashed.com); it resurfaced in 2024 within larger leaked-data compilations. No specific threat actor or intrusion vector has been reliably established. (Note: a "passport" field cited in one catalog was not corroborated by HIBP or Vietnamese authorities and is treated as unconfirmed.)
ObscureIQ assessment: High risk due to ecosystem breadth. Exposure enables account takeover, fraud, phishing, and cross-service identity linkage across gaming, media, and communications products.
The breach exposed credentials (unsalted MD5 password hashes) alongside emails, names, dates of birth, addresses, and other profile data for over 163 million accounts, one of the largest breaches in Vietnamese history. Weak password hashing makes account takeover and credential stuffing highly feasible, and the combination of contact and profile data supports large-scale phishing and identity linkage across VNG’s services and beyond.
VNG Corporation is a major Vietnamese technology company (founded 2004) operating a broad internet ecosystem including online gaming, the Zalo messaging platform, ZaloPay digital payments, Zing entertainment/media, and cloud services. Through Zing.vn and related products it maintained tens of millions of user accounts with identity, contact, and credential data.
Digital platform ecosystems collect user identity, contact details, gaming records, payment data, messaging activity, and service-linked behavioral data across multiple internet services.
The 2015 Zing.vn breach became public in April 2018 when the data was found trading on hacking forums, prompting a VNG apology and Vietnamese Ministry of Public Security involvement. The dataset resurfaced in 2024 within larger leaked-record compilations (e.g., on BreachForums). VNG has continued to grow into one of Vietnam’s largest tech firms and a regional gaming and fintech player.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
If you believe your information may be included:
In May 2015, VNG Corporation’s Zing.vn platform suffered a data breach that exposed over 163 million user accounts (about 25 million unique email addresses). The compromised data included usernames, unsalted MD5 password hashes, emails, phone numbers, names, dates of birth, genders, IP addresses,…
Verified fields include Date of Birth, Email Address, Full Name, Gender, IP Address, Job Information, Password, Phone Number, Physical Address, Relationship Status, Username.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation