The personal information of around 60,000 to 70,000 account holders may have been leaked following a recent cyberattack on Hongkong Post's EC-Ship online portal, according to Postmaster General Leonia Tai Shuk-yiu.
Speaking on a radio program on Wednesday, Tai explained that the EC-Ship portal was designed to provide citizens with an efficient mailing solution, allowing them to create their own contact lists within the system.
However, a cyber attack was initiated via an EC-Ship account at midnight on Sunday (Jul 20).
Although Hongkong Post blocked the attack within the next day, it was discovered that the hacker had accessed the EC-Ship users' personal information, including names, company names, addresses, phone and fax numbers, and email addresses of both senders and recipients, through the loopholes in the system programming code.
It is estimated that approximately 60,000 to 70,000 individuals are affected, Tai noted.
The Hongkong Post notified affected users via email on Tuesday (Jul 22). Moreover, users were advised to check their accounts for any suspicious activity.
Tai assured that the vulnerabilities identified during the incident have been addressed, promising that similar events would not occur again.
She noted that Hongkong Post has sought advice from the Digital Policy Office to enhance the cybersecurity system, adding that further investigations into the incident would continue.
