Hong Kong privacy watchdog to grill authorities over ‘serious’ leak of 17,000 people’s data

Privacy commissioner Ada Chung urges Electrical and Mechanical Services Department to notify all affected individuals, hours after latter issues apology

Data includes names, telephone numbers, identity card numbers and addresses of public housing tenants collected for testing orders during Covid-19 pandemic

Reading Time:2 minutes

The Electrical and Mechanical Services Department’s headquarters in Kowloon Bay. Photo: Handout

Published: 8:45am, 3 May 2024Updated: 11:03pm, 3 May 2024

Hong Kong’s privacy watchdog will investigate a “serious” data leak involving the personal information of 17,000 residents collected during the Covid-19 pandemic that resulted from an error in a government department’s password login system.

Privacy Commissioner for Personal Data Ada Chung Lai-ling on Friday also urged the Electrical and Mechanical Services Department to notify all affected individuals, hours after the latter issued an apology over the incident.

The system security failure led to the exposure of personal information, such as names, telephone numbers, identity card numbers and addresses, collected during “restriction-testing declaration” operations between March and July of 2022.

Authorities conducted such operations at the height of the pandemic as part of testing orders that locked down buildings until all occupants had been tested for the virus.

“We think the situation is serious. We will follow our procedures and commence an investigation,” Chung told a radio programme.

“We have suggested the department notify affected individuals as there are relatively more people affected.”

The leak consisted of data from residents living at 14 public housing blocks subject to restriction-testing declaration operations. Those affected included tenants at Yan Ching House in Kai Ching Estate, Oi Ming House in Yau Oi Estate and Kwong Wai House in Kwong Fuk Estate.