A cyberattack on a Hong Kong news agency last month led to the unauthorised access of information on 3,700 subscribers.
FactWire on Wednesday said its website and internal system had been hacked recently. While staff were trying to fix the security breach, the agency discovered its newsletter delivery operations had also been attacked on April 13.
The information accessed include the email addresses of more than 3,700 subscribers registered from July 2017 to January 2021, and the names of about 1,000 subscribers registered from November 2018 to October 2019.
“The IP address shows that the hacking was done from Hong Kong and that it had obtained access to the registration records of our newsletter subscribers. We sincerely apologise to all the affected subscribers for this,” a statement from FactWire read, adding the information on a donor list had not been accessed.
“We could not see any record of the information being exported, but there could be a possibility that the hacker had recorded the accessed information using other methods.”
In the wake of the incident, the news agency temporarily suspended the delivery of newsletters to build a new system. Measures were taken to ensure all personal information, including those of donors and whistle-blowers, was securely stored.
Earlier this week, police launched a criminal investigation after more than 20 unauthorised push notifications were sent out via the mobile app of Hong Kong’s biggest free-to-air broadcaster.
According to TVB on Tuesday, the alerts were dispatched to subscribers of its news app over a period of 21 minutes, with the first sent out on Monday at midnight.
“Patriots rule Hong Kong”, “Lee Ka Chiu meets the press”, “hihi”, “test” and “yooooooo” were the contents of some of the 23 notifications, while others were written in simplified Chinese characters. Former chief secretary John Lee Ka-chiu is the sole candidate in the chief executive election, which will be decided on Sunday.
TVB said it had carried out multifaceted investigations and had immediately strengthened system monitoring to prevent the recurrence of similar incidents.