Hong Kong IT sector legislator Charles Mok apologises after data of 15,000 people who signed his petition gets hacked
Personal details harvested in hack of Barcelona-based company that ran lawmaker’s petition against changes to voting times
The man representing Hong Kong’s IT sector in the city’s legislature apologised on Saturday after falling victim to a cyberattack that harvested the personal details of 15,000 people who signed an online petition he started.
The city’s privacy watchdog voiced concerns about the breach at a company used by Charles Mok, and a local cybersecurity expert has said the problems could be even more widespread, given the firm’s popularity with major companies.
The move by the Office of the Privacy Commissioner for Personal Data came hours after Mok issued his apology on Saturday night. He revealed that the personal data of about 15,000 city residents who signed his petition last year – including their names, opinions and 9,500 email addresses – had been hacked.
While Mok emphasised his office had deleted all the data collected right after the campaign, the lawmaker said he was told on July 2 by Typeform – a Barcelona-based online survey service provider hosting the petition – that part of the data had been downloaded by hackers.
It was part of a much wider data breach at Typeform. Other victims included the Tasmanian Electoral Commission, budget hotel chain Travelodge, British grocer Fortnum & Mason and UK political party the Liberal Democrats.
“Information users should adopt all feasible security measures to ensure all personal data collected will not be accidentally revealed or leaked,” privacy commissioner Stephen Wong Kai-yi said on Saturday night.