The data of over 17,000 residents from 14 buildings listed in the government’s compulsory Covid-19 testing notices between March and July 2022 was leaked, the Electrical and Mechanical Services Department announced on Thursday night.
The data stored on the designated online server platform includes citizens’ names, telephone numbers, ID card numbers and addresses.
The 14 public housing buildings involved are Tak Ying House, Yan Ching House, Oi Ming House, Fu Leung House, Wu Fai House, Tip Ying House, Sin Tat House, Wai Tung House, Kwong Wai House, Pok Yat House, Cheung Fung House, Ming Toa House, Un Shing House, and Toi Fung House.
The department said it was notified by the Office of the Privacy Commissioner for Personal Data on Tuesday night that according to a public report, the data concerned could be browsed on the server platform.
The department immediately checked and found that the password login system had failed and the data could be browsed without entering any password. Yet, they were not downloadable.
Upon the department’s request, the service provider of the online server platform removed the data that night. The department added that it has reported the leak to the police, the Office of the Government Chief Information Officer and the Security Bureau.
Speaking on an RTHK program on Friday, Privacy Commissioner Ada Chung Lai-ling said her office was informed of the data leakage on Wednesday night and attaches great importance to the incident.
She continued that this incident is of a serious nature and her office has launched a formal investigation in accordance with established procedures.
Her office also advised the department to notify residents about this data leak incident due to the significant amount of citizens affected.
When asked if the leak occurred back in 2022 or recently, Chung said this remains as one of the directions for her office to investigate. She also recommended relevant government departments to conduct a comprehensive review to see if the data stored in their servers has been leaked.
Hong Kong United Times丨香港聯合時報丨HKUT 