Date: 3 May 2024
Response of the Privacy Commissioner’s Office
to the Companies Registry’s Data Breach Incident
The Office of the Privacy Commissioner for Personal Data (PCPD) just noted that around 110,000 data subjects were affected in the data breach incident of the Companies Registry. Having considered the number of data subjects involved, the PCPD has immediately commenced an investigation into the incident and has advised the relevant department to notify the affected data subjects as soon as possible.
The PCPD appeals to the affected persons to make enquiries (telephone: 2827 2827 or email:
communications@pcpd.org.hk) or complaints (telephone: 2827 2827 or email:
complaints@pcpd.org.hk) with the relevant department or the PCPD if they suspect that their personal data have been leaked. As of today (3 May), the PCPD has not received any enquiries or complaints regarding the incident.
The PCPD calls on the affected persons to be vigilant of potential theft of their personal data and to take the following measures to protect personal data privacy:
-
Consider changing the passwords of online accounts and activate the multi-factor authentication function (if available);
-
Beware of any unusual logins of personal emails or accounts;
-
Review bank statements to spot any unauthorised transactions;
-
Stay vigilant when they receive any suspicious calls, text messages or emails from unknown sources, do not arbitrarily open attachments or disclose personal data readily; and
-
Be vigilant against phishing or other possible scams.
-End-