A branch of an international charity (NGO), Oxfam Hong Kong confirmed data breach after suffering from a cyber attack which affected several of its systems, including the critical Oxfam Trailwalker system. This incident was discovered on the morning of July 10, and has since launched a thorough investigation with independent cybersecurity experts to determine the extent of the attack and any potential personal data leaks.

The Oxfam Trailwalker, a renowned 100km (62 miles) trail race held annually to support the charity’s fundraising efforts, was among the systems impacted. The charity is scrutinizing whether personal data, such as names, ID card numbers, addresses, email addresses, and mobile phone numbers, was compromised. Additionally, there are concerns about the potential breach of payment information from donations or credit card transactions.

Oxfam Hong Kong’s Systems Impacts

In response, Oxfam Hong Kong has engaged cybersecurity experts to assess the damage and is working to secure its digital defenses. The charity has also reported the breach to the police, the Office of the Privacy Commissioner for Personal Data (PCPD HK), and the Hong Kong Computer Emergency Response Coordination Centre (HKCERT). The Privacy Commissioner confirmed receipt of the breach notification on July 13 and is conducting a compliance check.

Francis Fong Po-kiu, honorary president of the Hong Kong Information Technology Federation, noted that NGOs often face cybersecurity challenges, highlighting possible factors such as outdated firewalls, software vulnerabilities, or staff errors like falling victim to phishing scams. Fong pointed out that hackers might target NGOs for access to membership and donor data, including sensitive credit card details.

Summary

Oxfam Hong Kong confirmed data breach after suffering from cyber attack. In this attack, data breaching concern was about personal and payment information. Oxfam Hong Kong also has urged the public to stay secure against any unsolicited or suspicious communications, including phone calls, text messages and emails. The more you will have knowledge of cyber attacks, the more wiser you will be to tackle these evolving threats. Did you find this article helpful? Follow us on Facebook 和 LinkedIn. For network and cybersecurity services, contact us for a free consultation.