image

Consumer Council ransomed for $500,000; 80pc of computer systems damaged

Eighty percent of the Consumer Council’s computer system was damaged following a cyber-attack as the unidentified hackers demanded a ransom of US$500,000 (~HK$3.9 million) from the watchdog to be paid by 11.20 p.m. on Saturday. 

The hackers also threatened that the ransom would go up to US$700,000 if the council didn't pay on time, chairperson Clement Chan Kam-wing said, who insisted that the council would never pay the ransom. 

Chan condemned the hackers’ illegal activities and apologized to the public for the inconvenience caused. 

Speaking to the press on Friday, Chan said the hacking began around 6 p.m. on Tuesday and finally came to light as staffers went to work the next morning and found they couldn’t log into the computer system. 

IT experts confirmed that the attack lasted for about seven hours, and the data flow was about 65 gigabytes greater than usual. 

Chan noted that the stolen data possibly includes the information of former and current employees, their families, and job applicants, such as HKID card numbers, addresses, date of birth, and resumes.

Subscribers of the council’s monthly Choice magazine may be hit since some 8,000 subscribers have provided the council information on their credit cards. 

Citizens who filed complaints before and the council’s working partners are also affected, as data stored include company addresses, phone numbers, and email addresses. 

Chan noted that the incident doesn’t involve staffers clicking on phishing websites and remains a cybersecurity issue. 

He added that he doesn’t know if this attack is similar to the earlier one targeting Cyberport, and the identity and location of the hackers have yet to be confirmed. 

Chan said the council immediately reviewed their system’s security following the Cyberport incident, but unfortunately fell victim too, indicating the hackers’ evolving skills and techniques. 

The council’s chief executive, Gilly Wong Fung-han, said they may only learn what information is stolen when the hackers haven’t received the ransom and leak the data online. 

Wong also said the council is now repairing the servers and will reboot them gradually.