Over 56,000 patients' data leaked in Hospital Authority breach

The personal data of more than 56,000 patients has been compromised in a significant data breach at the Hong Kong Hospital Authority (HA), which has now been reported to the Office of the Privacy Commissioner for Personal Data (PCPD).

The PCPD confirmed that it has been notified of the incident and has launched an investigation in accordance with its established procedures.

The leaked personal information includes sensitive details such as patients' names, identity card numbers, gender, dates of birth, hospital numbers, appointment dates, and other health-related information.

The privacy watchdog has issued a public reminder for potentially affected individuals to remain vigilant.

The public is advised to be cautious of suspicious calls, text messages, or emails from unknown sources and to avoid opening attachments, clicking on links, or disclosing personal data without verification.

The HA stated that its routine monitoring system detected a case of suspected unauthorized access and leakage of patient data on a third-party platform in the early hours of yesterday.

Emphasizing that it takes the matter very seriously, the HA has reported the incident to the police.

The authority also noted that it has already reviewed its internal network systems and confirmed that they are operating securely and normally.

The HA has pledged to fully cooperate with the police investigation and will be contacting the affected patients.