Hong Kong private hospital given 4 weeks to submit report over US$10 million ransomware attack
The Department of Health said on Saturday that it was investigating the incident at Union Hospital in Tai Wai, with its initial findings showing the ransomware attack had not compromised any patient data or medical services.
“Our initial understanding is that it did not involve [the release of] patients’ data nor did it affect the service security of the hospital,” it said. “The Department of Health has requested the hospital to hand in a detailed report in four weeks.”
Health authorities said they had also notified law enforcement agencies, including police and the city’s privacy commissioner.
Union Hospital revealed on Thursday that it had fallen prey to the ransomware attack on Monday morning, resulting in some “operational disruptions”.
“In response to the attack, the hospital has activated the emergency response system and stepped up cyber security measures to block further intrusion … Union Hospital condemns any form of cyberattack,” the hospital said.
“A team of cybersecurity experts has been appointed to conduct thorough system inspection and recovery in order to ensure medical service continuity.”
The hospital stressed that its staff had been vigilant over cybersecurity threats and ensured that all patient records were encrypted and password-protected.
“The leakage of patient data is unfounded as of now. An investigation into the attack is in progress,” it said.
Record 73% of Hong Kong companies hit by cyberattacks in past year: watchdog poll
Record 73% of Hong Kong companies hit by cyberattacks in past year: watchdog poll
Hackers reportedly used ransomware called “LockBit” to target the hospital and demand the US$10 million ransom, which the latter refused to pay.
Police said they received a report from a hospital employee on Monday over abnormalities in the hospital’s network system including some computer files going missing, but no personal data was involved.
Source…
Hong Kong Ballet reports data breach from ransomware attack, becomes third well-established city organisation to be hacked in 2 months
Hong Kong Ballet has reported a data breach caused by a ransomware attack on its computer systems, becoming the third well-established organisation in the city to be hacked in two months.
In an official statement released on Monday night, the renowned cultural institution said it had recently discovered its network systems had been infected with ransomware, allowing intruders to illegally access files stored on computers.
Data including personal user details and the organisation’s internal information had been viewed by the intruders, while it was still working to determine the full scope of data accessed, it said in the statement.
Data of 900 Hongkongers exposed in hack attack of WhatsApp accounts
Data of 900 Hongkongers exposed in hack attack of WhatsApp accounts
But due to file encryption by the ransomware, the organisation added it was unable to determine the contents of all files illegally accessed.
“We take this matter seriously and are diligently working to address the issue promptly and responsibly,” the institution, founded in 1979, said, expressing regret over the matter.
It also added it had not received any ransom demands or threats of data leak so far.
The company said it had immediately launched an internal investigation upon detecting the incident and hired external cybersecurity experts to assess the extent of the breach and implement measures.
Head of Hong Kong consumer watchdog apologises over potential personal data leak
Head of Hong Kong consumer watchdog apologises over potential personal data leak
The ballet institution, financially backed by the government, also notified police and the Office of the Privacy Commissioner for Personal Data.
It urged partners to remain vigilant and take precautionary measures such as regularly changing passwords, monitoring financial statements, and exercising caution when handling suspicious messages.
Users should also be wary of potential phishing attempts and to only share personal information through official channels, it warned, adding efforts had been made to contain the incident and prevent further unauthorised access to internal systems.
Data stolen from Hong Kong Cyberport includes staff details, credit card records
Data stolen from Hong Kong Cyberport includes staff details, credit card records
Early last month, international hackers demanded a ransom of HK$2.35 million (US$300,500) after hacking into tech hub Cyberport’s computers and stealing…
Hong Kong Cyberport defends move to not reveal hacking attack, says stolen data includes details on staff and ex-workers, credit card records
It added: “We were subsequently made aware that some information available on the dark web could potentially be related to the incident and we immediately made a public announcement on [September 6] and contacted persons who may have been affected.”
Police said an investigation by the force’s cybersecurity and technology crime bureau was under way.
The Office of Privacy Commissioner for Personal Data on Tuesday said it had since received one inquiry from an affected individual. The privacy watchdog said it had launched a compliance investigation, but declined to go into further details.
The stolen data was available on the dark web, a hidden corner of the internet, but the tech hub did not mention the scale of the breach.
A ransomware group reportedly blackmailed Cyberport after hacking its computer system and stealing and encrypting the data. It demanded that a ransom of US$300,000 be paid by Tuesday to get back access to the data.
‘No system is invincible’: technology-related crimes in Hong Kong surge 47.3%
‘No system is invincible’: technology-related crimes in Hong Kong surge 47.3%
According to Cyberport, a sizeable amount of personal data was limited to individuals’ names and contact details, including phone numbers or email addresses.
Human resources-related data included identity card number, date of birth, social media accounts, and academic and bank account details, as well as health information.
Cyberport said it had engaged independent cybersecurity experts to investigate the incident and provide a remedy. The investigation and remediation were continuing.
The business park has 140 employees and is a base for 1,900 start-ups and tech companies.
The data breach was first disclosed earlier this month by cybersecurity information platform FalconFeedsio, which said on social media that ransomware group Trigona had added Cyberport to its victim list.
Hong Kong records sixfold rise in technology-based crimes in a decade
Hong Kong records sixfold rise in technology-based crimes in a decade
According to Palo Alto-based cyber-risk consultancy Unit 42, Trigona ransomware is relatively new and was first discovered by security researchers in late October 2022, with organisations involved in manufacturing, finance, construction, agriculture,…
Hong Kong Tech Park Says Data Exposed By ‘Malicious’ Hack
Text size
Sensitive data, including employee details and credit card records, from a Hong Kong technology park that describes itself as a “digital technology flagship” have been leaked online, the company said.
Cyberport said in a statement released on Tuesday it had been the victim of a “malicious intrusion” in mid-August and found information related to the hack “on the dark web”.
The data included “names and contact details of individuals, human-resources related data of employees, ex-employees and job applicants, and a small number of credit card records”, it said.
Operating since 2004, Cyberport described itself as a “digital technology flagship and incubator for entrepreneurship” and said it has more than 800 start-ups and technology firms at its site in southern Hong Kong island.
The hack was not disclosed until September 6, nearly three weeks after Cyberport notified Hong Kong’s privacy watchdog, leading lawmakers and experts to question the delay.
“We decided not to disclose the incident externally to avoid any unnecessary concern,” it said, adding that it did not initially know the extent of the damage.
“As the victim of a malicious intrusion, Cyberport condemns all form of cybercrime and will fully cooperate with law enforcement.”
The hack has been linked to ransomware Trigona after a website bearing its logo posted 438 gigabytes of Cyberport files.
A spreadsheet seen by AFP listed the birthdays, addresses, ID card numbers, salaries and computer passwords of 166 current and former employees, including six executives.
Other files included information about company finances, business plans, government dealings and legal correspondence.
Hong Kong’s technology minister Sun Dong said on Wednesday the government was “highly concerned” about the breach and has ordered all its departments to step up digital security.
Hong Kong police said they were investigating, as was the city’s privacy watchdog.
hol/pbt