Notification

×

Iklan

Iklan

Stronger Penalties for Data Breaches, Experts Advise

Monday, July 6, 2026 | 6:57 PM (GMT-04.00) Last Updated 2026-07-06T23:00:49Z
    Share

Cybersecurity Experts Call for Fines on Companies After Major Data Breach

A major data breach involving the personal information of over 1 million individuals has sparked urgent calls from cybersecurity experts for stricter penalties against companies that fail to protect consumer data. The incident, linked to a leading Hong Kong appliance distributor, has raised concerns about the adequacy of current measures to safeguard sensitive information.

The breach was first reported by Shun Hing Group on March 23, and it has since led to an investigation by Hong Kong's privacy watchdog. According to the Office of the Privacy Commissioner for Personal Data, the latest information suggests that the personal data of as many as 1.05 million people, primarily customers, was maliciously encrypted. This includes details such as names, addresses, and email addresses of over 920,000 customers.

David Ip, founding chairman of the Hong Kong China Network Security Association, emphasized the importance of protecting consumer privacy. He stated, "Safeguarding consumer privacy is no longer just a compliance issue. It is fundamental to keeping the public's trust." Ip added that the scale of this breach highlights a critical vulnerability in how large conglomerates manage extensive consumer records.

He argued that firms suffering data leaks should face penalties. "Any firm that has a data leak should be slapped with a penalty. This is the most effective way to push them to strengthen their cyber defence systems," he said.

In addition to customers, approximately 1,000 employees of Shun Hing were also affected. Their identity card numbers, bank account details, salary information, and other data were compromised. In a statement issued in April, Shun Hing confirmed it had detected unauthorized access and damage to its computer systems caused by a cyberattack. The company mentioned that it had filed a police report and engaged an independent team of cybersecurity experts to investigate the incident.

Lawmaker Duncan Chiu supported the idea of discussing penalties for data leaks, especially for large conglomerates that hold vast amounts of personal data. He noted that Hong Kong's first anti-hacking law, the Protection of Critical Infrastructures (Computer Systems) Ordinance, which took effect on January 1, was a starting point for enhancing cyber defense systems. The law requires designated operators in eight essential sectors to safeguard their computer systems and report cyberattacks.

Chiu highlighted the need for public discussion on whether both big conglomerates and small and medium-sized enterprises should be held responsible for data leaks. "The public is naturally disappointed by any data leaks. Whether both big conglomerates and small and medium-sized enterprises, which have limited resources, should also be held responsible for any data leaks should be broadly discussed by the public," he said.

Shun Hing responded to the South China Morning Post by stating it "strongly condemned" all forms of cybercrime and was collaborating with law enforcement agencies during the investigation. The company claimed it had implemented robust countermeasures and upgraded its cybersecurity defenses to prevent similar incidents in the future.

Hong Kong has experienced intermittent cyberattacks in recent months. In April, the Hospital Authority reported a large-scale data leak involving more than 56,000 patients. Additionally, a global cyberattack on the online learning platform Canvas compromised the personal information of over 72,000 students and staff at Hong Kong schools and universities.

This incident underscores the growing need for stronger cybersecurity measures across various sectors. As technology continues to evolve, so too must the strategies used to protect sensitive data. The call for fines and stricter regulations reflects a broader recognition that data breaches are not just technical failures but also ethical and legal issues that require immediate attention.

No comments:

Post a Comment

×
Latest news Update