Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
According to reports, Cyberport Hong Kong was hacked and the information, company documents, identity documents and other information of start-up companies were obtained by hackers, totaling about 436 GB of company data. As can be seen in the post of X, an account that focuses on Internet security, the hacker's website asked for about US$300,000 (approximately HKD 2.35 million) for the stolen information. On September 6, Hong Kong Cyberport responded to a cyber security incident suspected of being hacked, saying that Cyberport had discovered a cyber security incident involving an unauthorized third party intruding into some of Cyberport's computer systems. Cyberport is very concerned about the incident and has immediately taken action to control it, including handling the alarm and shutting down the affected computer equipment. It has also quickly launched a detailed investigation with the assistance of independent cybersecurity experts. Cyberport has also notified the relevant authorities and the Office of the Privacy Commissioner for Personal Data in Hong Kong. Attack method (per SlowMist): Information Leakage. Reported loss: -.
- chain
- —
- protocol
- Cyberport Hong Kong
- bug_class
- access-control
- date_occurred
- 2023-09-05
- loss_usd
- —
- source_id
- sm:cyberport-hong-kong::2023-09-05