I just came across a more detailed news report on the VietNam breach I mentioned yesterday. Tuoi Tre reports:
In October 2010, [Duong Hong] Le set up the company’s official website at danhsachkhachhang.com, but the site has focused only on offering to sell lists of information on individuals, companies and organizations.
The website… contains the names of 30,000 prepaid mobile phone subscribers of MobiFone in HCMC, 1,200 chairmen of management boards of companies, 850 members of the Entrepreneurs’ Club 2030, 780 stock investors at the Vien Dong Company, 1,100 TVSI stock investors, 700 customers of the VGB gold trading floor, 2,230 owners of real estate in the Phu My Hung New Urban Area, 800 owners of properties from Him Lam , 1,200 customers of the Saigon Pearl Project, 1,300 Mercedes owners, 750 BMW owners, 1,300 members of the FV Hospital, 10,000 customers of Nguyen Kim Shopping Center, and 500 architects at various companies in HCMC.
According to investigators, Le has 51 lists of information for sale at a price of VND500,000-600,000 per list.
Le told investigators that he had earned about VND21 million (US$1,000) from the illegal business.
He said he had halted his business operations on January 1, 2011 after Tuoi Tre published an article about his illegal trading of private information, but six months later, he continued his activities, since he found that many other websites did the same and thought that such activities would not be banned.
Le said he had bought all of the lists from a man named Le Minh Trung, owner of the website www.timkhachhang.com, and Hua Van Tuan, who owns the website www.dtavip.com.
[…]
As of December 2011, [Le Minh] Trung had about 230 lists of customers in the fields of economics, finance, investment, and real estate. Each list contains detailed personal information such as names, telephone numbers, and workplaces of customers.
Read more on Tuoi Tre. This seems to be a fairly widespread problem in VietNam, and while the information may not be hugely sensitive, if they’re not careful, they’ll wind up with data being sold and re-sold, and re-sold… and before you know it, their databases will be as inaccurate and as annoying as ours.