Cybersecurity

Hong Kong government told by its IT office to carry out urgent cybersecurity review after leaks from two departments

May 5, 2024
43 1 minute read
Untitled design6
795731f3 ee16 4a4d 93c3 9a124d974cf7 16d01541.jpg


The Hong Kong government has been told to carry out cybersecurity checks after reports of major data breaches in two departments over the past few days that involved the personal details of almost 130,000 people.

The Office of the Government Chief Information Officer – the government’s top information technology unit – said in a Facebook post on Sunday that it had asked all bureaus and departments to review their computer security and report back within a week.

“[We] are highly concerned about the cybersecurity incidents at government departments recently, especially involving the leaks of personal data,” the office wrote.

“Apart from providing technical support, the office has also again sent clear directives to the heads of bureaus and departments, asking them to conduct a comprehensive review of their existing cybersecurity measures.

The Companies Registry, where a major data breach sparked a call from the government’s IT experts for a review of cybersecurity across the administration. Photo: Handout

“We also reminded all users and systems under the departments that they must strictly comply with the government’s rules, policies and guidelines on data security in handling sensitive and personal information.

“In no way can the data be stored on publicly-owned cloud platforms.”

The Companies Registry last Friday said personal information on about 110,000 people had been leaked because of a fault in its digital platform.

Information revealed included names, addresses, telephone numbers and email addresses, as well as identity and passport numbers.

Hong Kong government centralised cybersecurity needed, experts say

The Electrical and Mechanical Services Department a day earlier reported that information on 17,000 public housing tenants required to take coronavirus tests in 2022, including their names, phone numbers, ID numbers and addresses, had been compromised.

IT experts have appealed to the government to draw up policies to centralise cybersecurity protection for all departments and associated organisations in a bid to cut the risk of more security breaches.

The Office of the Privacy Commissioner for Personal Data announced last Thursday that the Consumer Council had breached privacy rules when personal information about more than 470 people was stolen in a cybersecurity attack last September.



Source

May 5, 2024
43 1 minute read

Related Articles

CISOs Grapple With IBM’s Unexpected Cybersecurity Software Exit

CISOs Grapple With IBM’s Unexpected Cybersecurity Software Exit

May 17, 2024
New cybersecurity sheets from CISA and NSA: An overview

New cybersecurity sheets from CISA and NSA: An overview

May 15, 2024
OSCE holds fourth annual meeting of national cybersecurity points of contact in Vienna

OSCE holds fourth annual meeting of national cybersecurity points of contact in Vienna

June 12, 2024
International Assets Investment Management LLC Acquires New Position in Amplify Cybersecurity ETF (NYSEARCA:HACK)

International Assets Investment Management LLC Acquires New Position in Amplify Cybersecurity ETF (NYSEARCA:HACK)

April 14, 2024
Back to top button