Hong Kong’s arts financing body reports cyberattack on its systems, but says no data leak detected
- Hong Kong Arts Development Council reveals hackers attacked its computer network and systems last week, causing some disruption to operations
- Arts body is latest target in string of cybersecurity incidents, following ransomware attacks on Union Hospital earlier this month and tech hub Cyberport last year
The Hong Kong Arts Development Council (HKADC) revealed the attack three days after it was spotted last Friday, saying it caused some disruption to regular operations.
“As of now, leakage or misuse of any data (including information of the applicants of different grant schemes) has not been detected,” the council said on Monday.
“The HKADC has activated its emergency response system to block further intrusion and appointed cybersecurity experts to conduct thorough system inspection and recovery and conduct assessment on the impact of the incident.”
The body did not elaborate on the disruptions but said it had reviewed daily staff operations to further enhance data protection.
Data of 13,632 people stolen in Hong Kong Cyberport hack last year: watchdog
The attack was reported to police and the Office of the Privacy Commissioner for Personal Data, the city’s privacy watchdog.
In a written reply to the Post, the council said daily operations in its office had resumed gradually with internet, email and cloud services working normally since last Friday.
“Personnel information of the employees of HKADC has not been attacked and is kept intact,” it added.
The HKADC is a statutory body which advises the government on culture policy, undertakes advocacy work and allocates grants to support the broad development of the arts in the city.
An investigation, which is ongoing, found no patient data had been leaked. No arrests have been made over the attack.
The group demanded US$300,000 for access to 400GB of the hub’s data.
The Consumer Council also said the personal data of more than 25,000 people might have been leaked in a cyberattack on its systems in the same month.
Hong Kong hospital given 4 weeks to submit report over ransomware attack
Data from the privacy watchdog showed that 157 data breach notifications were logged in 2023, representing a nearly 50 per cent surge compared with the 105 cases in the previous year.
Public sector firms accounted for 48, or nearly a third, of all reported data breach incidents last year, according to the privacy office.
The number of data breaches involving hacking also doubled from 29 in 2022 to 64 in 2023, accounting for about 41 per cent of all recorded cases.