Date: 7 February 2024
Response of the Privacy Commissioner’s Office
on the HKU Faculty of Education’s Data Breach Incident
The Office of the Privacy Commissioner for Personal Data (PCPD) received a data breach notification from the Faculty of Education of the University of Hong Kong (HKU) yesterday (7 February), reporting that about 7,400 data subjects had been affected by the data breach incident. The PCPD noted that the relevant organisation was notifying the affected data subjects, and the PCPD has commenced a compliance check into the incident in accordance with established procedures.
Having considered that the incident involved the leakage of personal data, the PCPD appeals to the affected persons to make enquiries or complaints with the PCPD or the relevant organisation if they suspect that their personal data have been leaked. As of yesterday (7 February), the PCPD has not received any enquiries or complaints regarding the incident.
The PCPD calls on the affected persons to be vigilant of potential theft of their personal data and take the following measures to protect personal data privacy:
-
Consider changing the passwords of online accounts and activate the multi-factor authentication feature (if available);
-
Beware of any unusual logins of personal emails;
-
Stay vigilant when they receive any suspicious calls, text messages or emails from unknown sources;
-
Do not arbitrarily open attachments or links in text messages or emails, or disclose personal data readily; and
-
Be vigilant against phishing or other possible scams.
-End-