HKCERT Reminds the Public and SMEs of the Risk of Rising Data Breach Incidents in the Near Future
(Hong Kong, October 17, 2025) With the recent spate of data leakage incidents, theQantasA third-party service platform was attacked by social engineering, resulting in the theft of 5.7 million customers' data, of which about 20,000 customers in Hong Kong were affected. The leaked information, including names, phone numbers and addresses, puts the victims at risk of phishing attacks and fraud. The Office of the Privacy Commissioner for Personal Data (PCPD) has been notified of the incident and has commenced an investigation.
Hackers Leak 5.7 Million Users' Personal Data to the Dark Web
Hackers used social engineering and other tactics (e.g. voice phishing) to trick Qantas' third-party service provider's staff into granting access through the Qantas third-party service provider's customer service center in the Philippines in order to steal customer data. The incident highlights the risks associated with the increasing prevalence of supply chain attacks. Hackers often target vulnerabilities in third-party service providers as a springboard to attack larger organizations. Even small and medium-sized enterprises (SMEs) may become targets of cyber attacks if they neglect their own network security protection.
At the same time, theHong Kong Vegetable Marketing Organization (VMO)Recently, some computer systems have been attacked by ransomware, resulting in the risk of data leakage of one of the wholesale market users. C&SD has commissioned an outsourcing contractor to repair the system as soon as possible and assist in the investigation. F5, a network security provider, has also recently announced that its internal system has been subject to a prolonged and persistent cyber-attack in the past August. Hackers stole source code and undisclosed system vulnerabilities from its products, and it is estimated that the hackers used the leaked data to plan cyber attacks on its product users. These incidents illustrate the risks of using third party service providers and the importance of reinforcing cyber security measures. In view of the scale of the incidents and the potential threats, in order to prevent third-party cyber risks and to strengthen our own cyber security, the following measures are necessaryHong Kong Cyber Security Incident Coordination Center(HKCERT)RecommendationUsers and SMEsTake the following measures:
- Always be on the lookout for phishing attacks.
Always verify the sender of an email and avoid clicking on any suspicious links. Be alert to urgent or unusual requests and report suspicious messages to your IT or computer security team immediately. - Enhance account security with multi-factor authentication
ISPs will provide a multi-factor authentication option that requires users to enter a verification code or additional authorization before logging in, so as to avoid account theft when users accidentally leak their passwords to hackers. At the same time, enterprises should strengthen staff training to prevent the leakage of multi-factor authentication codes to others, and should not use the same password for different accounts. - Choose Free and Open Source Software Carefully
While free or open source tools have a cost advantage, they are prone to introduce vulnerabilities if they are used by enterprises without being vetted. Therefore, enterprises should choose reputable software and conduct security audits on the software they introduce. - Regular update of the system
All systems, applications and devices should be kept up-to-date and security patches should be installed in a timely manner to plug vulnerabilities. - Enhancement of Social Engineering Prevention Awareness
Attacks through social engineering are not uncommon. Organizations should provide regular training to their staff to enhance their ability to identify phishing emails and suspicious calls, so as to reduce the risk of data leakage due to human negligence.
Four Measures to Keep Yourself Safe
Qantas has confirmed that no customer financial information, passport information or account passwords were involved in the incident. However, the leakage of sensitive personal information to the Dark Web may pose a risk of identity theft, phishing attacks and other fraudulent activities. HKCERT emphasizes the importance of proactive protection of personal data and recommends thatAffected personsTake the following measures:
- Regular monitoring of accounts
Regularly check your email, phone and financial accounts for suspicious activity. If you discover unauthorized transactions or unusual activity, notify the relevant authorities immediately. - Beware of Phishing Attacks
Be wary of emails, phone calls or messages claiming to be from Qantas or related organizations. Avoid clicking on suspicious links and handle suspicious emails, messages and calls with care, and don't give out personal or log-in details easily. - Enabling Multiple Identity Authentication (MFA)
Multi-authentication is added to the main account to enhance the security level. Do not share the verification code with others. - Change password regularly
Change passwords for all important accounts regularly and avoid sharing the same password for multiple accounts.
估計損失高達-19-億英鎊,為英國歷來之最.jpg)
