Privacy Commissioner Confirms No Unauthorized Access in Companies Registry Data Breach
2025-03-13

The Office of the Privacy Commissioner for Personal Data (PCPD) has concluded that there is no indication of unauthorized or accidental access to the leaked personal information affecting over 100,000 individuals involved in a recent data breach. This incident pertains to the Companies Registry and includes sensitive details such as HKID numbers, passport numbers, and addresses of company directors. Additionally, it involves personal identifiers of disqualified persons, money lender applicants, and third-party appointees, along with contact information for money lender contacts.

Anomalies were detected on April 18, 2024, during routine inspections of the Integrated Companies Registry Information System. It was found that the e-Search Services within the “e-Services Portal” had inadvertently transmitted extra personal data beyond what was intended for the search results. Investigations revealed that nearly 90% of this data could be viewed through document images registered with the Registry. However, the PCPD emphasized that this information was not directly visible on search result pages; instead, users would need to employ web developer tools, which are seldom used by the general public.

In response to the breach, the registry promptly notified all potentially affected individuals and took immediate steps to correct the system design flaw. An independent third party was engaged to conduct a thorough review of the relevant systems, and preventive measures were implemented to avoid similar occurrences in the future. Furthermore, the PCPD has initiated a compliance check on Deliveroo following its decision to cease operations in Hong Kong, raising concerns about the potential impact on customer and delivery rider data privacy rights.

Despite the breach, the swift actions taken by the registry and the proactive measures by the PCPD underscore a commitment to safeguarding personal data and maintaining public trust. This incident highlights the importance of continuous vigilance and stringent security protocols in protecting sensitive information, reinforcing the need for robust data protection practices across all sectors.
