bodyType

customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

hooksAmpRedirectArticle

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

paywallTypes

createdDate

publishedDate

urlAlias

moreOnThisArticles

sponsorType

commentCount

authorLocations

authors

corrections

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

articleSpeeches

socialHeadline

headline

images

flag

firstTopic

glossary

flattenTypeIds

image

relatedLinks

relatedNewsletters

__typename

sponsor

pdfFiles

seriesReverseOrder

series

disableOffPlatformContent

published

updatedDate

summary

subHeadline

body

keywords

readingTime

customTimezone

liveContents

Danny Mok

Chinese University's Faculty of Medicine has fallen victim to a new wave of cyberattack, with data on more than 10,000 patients hidden from view and a ransom demanded to decrypt it.
The attack targeted the faculty's Centre for Liver Health and Institute of Digestive Disease at the Prince of Wales Hospital in Sha Tin. A faculty spokeswoman said last night that it was operating as normal and patient care had not been jeopardised.
She added that the attack had encrypted the data so that the faculty could no longer access it, but it did not appear that the information had been stolen.
She said the two servers affected stored day-to-day data as well as research and teaching materials, including more than 10,000 patients' personal details and their health history.
Police confirmed the case was related to the ransomware "SynoLocker", which targets servers made by Synology.
A message demanded the faculty pay 0.6 bitcoin, about US$350, to free the data, according to a police source. Officers also found no evidence that the data had been leaked.
The faculty said the servers were immediately disconnected and other computer systems were affected. It believed a flaw in Synology's software was used by the hackers to launch the attacks.
The Hospital Authority and the Privacy Commissioner have been notified.
Chinese University said it had received no other similar reports from other departments.
A police spokesman said the department had yesterday received multiple reports from victims of similar attacks since Monday, and the Police Commercial Crime Bureau was investigating.
The spokesman appealed to the public to review and, if need be, strengthen their data security.
Reports about "SynoLocker" attackers in other regions have appeared since Monday.
Synology says that if attacked it is best to perform a complete shutdown to avoid more problems and to contact the company for additional help through its Knowledge Base website.


Cyberattack hits 10,000 patients' health data

The cyberattack targeted the faculty's Centre for Liver Health and Institute of Digestive Disease at the Prince of Wales Hospital in Sha Tin. Photo: Sam Tsang

News

Hong Kong

Ransom demanded from CUHK medical faculty as other victims come forward


Chinese University's Faculty of Medicine has fallen victim to a new wave of cyberattack, with data on more than 10,000 patients hidden from view and a ransom demanded to decrypt it.


Cyberattack hits 10,000 patients' health data

.css-1c6uqr6{color:inherit;font-weight:inherit;font-size:inherit;font-family:inherit;line-height:inherit;overflow-wrap:break-word;}Ransom demanded from CUHK medical faculty as other victims come forward

Ransom demanded from CUHK medical faculty as other victims come forward