Probe launched after Hospital Authority data breach involving 56,000 patients

he Hospital Authority building in Mong Kok.

Photo: Felix Wong Hong Kong’s privacy watchdog and police are investigating a large-scale data leak involving over 56,000 patients served by the Hospital Authority, which reported the unauthorised retrieval of a variety of information.

The Office of the Privacy Commissioner for Personal Data said on Saturday that it received a report from the authority on Friday, noting that patients’ names, identity card numbers, genders, dates of birth, dates of hospital visits and health information had been leaked.

The health information compromised included patients’ medical history, according to an authority spokesman. “The office will investigate the incident in accordance with its current mechanism,” the commissioner’s spokesman said.

The privacy watchdog also urged affected patients to stay vigilant against potential misuse of their information, suggesting that they exercise caution when receiving suspicious phone calls and messages.

Affected patients are advised to change the passwords of their online accounts and check for any unusual login records, as well as to consider reviewing their bank accounts for any unauthorised expenditure.

According to the Hospital Authority, its regular monitoring system identified a suspected case of unauthorised retrieval of patient information and a leak on a third-party platform early on Friday morning. “The authority has reported [the breach] to police and notified the Office of the Privacy Commissioner for Personal Data,” it said. “The authority has reviewed its internal internet systems and confirmed that they are secure and operating normally.

The authority will fully cooperate with police investigations and operations.” The authority added that it was in the process of contacting affected patients.

Police said the Cyber Security and Technology Crime Bureau was investigating the incident.

No arrests have been made so far.

原文链接: 南华早报