Hong Kong government told by its IT office to carry out urgent cybersecurity review after leaks from two departments
The Office of the Government Chief Information Officer – the government’s top information technology unit – said in a Facebook post on Sunday that it had asked all bureaus and departments to review their computer security and report back within a week.
“[We] are highly concerned about the cybersecurity incidents at government departments recently, especially involving the leaks of personal data,” the office wrote.
“Apart from providing technical support, the office has also again sent clear directives to the heads of bureaus and departments, asking them to conduct a comprehensive review of their existing cybersecurity measures.
“We also reminded all users and systems under the departments that they must strictly comply with the government’s rules, policies and guidelines on data security in handling sensitive and personal information.
“In no way can the data be stored on publicly-owned cloud platforms.”
The Companies Registry last Friday said personal information on about 110,000 people had been leaked because of a fault in its digital platform.
Information revealed included names, addresses, telephone numbers and email addresses, as well as identity and passport numbers.
Hong Kong government centralised cybersecurity needed, experts say
Hong Kong government centralised cybersecurity needed, experts say
IT experts have appealed to the government to draw up policies to centralise cybersecurity protection for all departments and associated organisations in a bid to cut the risk of more security breaches.
The Office of the Privacy Commissioner for Personal Data announced last Thursday that the Consumer Council had breached privacy rules when personal information about more than 470 people was stolen in a cybersecurity attack last September.