InfoSec - News and Newsletters

繁體版

簡体版

Search :

Change text size:

News and Newsletters

Date	News Title	Description
Sep 2008
19-Sep-2008	Customs warns shop owners not to sell PCs with pirated software	Hong Kong Customs reminded computer shop owners that selling pirated software in the course of any trade or business is a criminal offence on September 17.
10-Sep-2008	Hospital Authority Board endorses patient data recommendations	At the Administrative and Operational Meeting on September 10, the Hospital Authority Board discussed and endorsed the report and recommendations submitted by the Taskforce on Patient Data Security and Privacy to further enhance the protection of patient data privacy.
10-Sep-2008	Privacy Commissioner welcomes HA's effort to enhance patient data privacy	The Privacy Commissioner Mr. Roderick B. Woo welcomes the recommendations made by the Hospital Authority's Taskforce on Patient Data Security and Privacy.
Aug 2008
29-Aug-2008	Public seminar for young people	A public seminar on the importance of protecting and respecting privacy was held on 29 August for young people by the Office of the Privacy Commissioner for Personal Data.
28-Aug-2008	"Privacy is Your Business" International Video Competition Prize Presentation Ceremony	The Privacy Commissioner for Personal Data, Mr. Roderick B. Woo, announced in the prize presentation ceremony for "Privacy is Your Business" International Video Competition that three teams of secondary students won the first, second and third place of both the international and local (Hong Kong and Macao) prizes of the competition for their brilliant performance.
25-Aug-2008	Privacy Commissioner Launches Privacy Awareness Week 2008	The Privacy Commissioner for Personal Data, Mr. Roderick B. Woo, is pleased to launch the Privacy Awareness Week 2008 on 25 August.
25-Aug-2008	SCMA answers media question on privacy protection	The transcript of the Secretary for Constitutional and Mainland Affairs, Mr Stephen Lam's answer to a media question after attending the Privacy Awareness Week 2008 Inauguration Ceremony on August 25.
14-Aug-2008	Privacy Commissioner accepts an Undertaking by HSBC	The Privacy Commissioner for Personal Data has received from the Hongkong and Shanghai Banking Corporation Limited a formal Undertaking assuring the Privacy Commissioner, Mr Roderick B Woo that HSBC will step up security measures in respect of the security of its customers' personal data in compliance with Data Protection Principle 4 in the Personal Data (Privacy) Ordinance.
1-Aug-2008	Government invites submissions on copyright protection	The Government invites the public, including internet users, copyright owners and online service providers, to give their views on preliminary proposals for strengthening copyright protection in the digital environment. Submissions may be given until August 31.
Jul 2008
29-Jul-2008	Privacy Commissioner explains recommendations on the protection of patients' data privacy	There is wide media coverage on the inspection report of the Hospital Authority's patients' data system published by the Privacy Commissioner, Mr. Roderick B. Woo on 22 July.
22-Jul-2008	Hospital Authority responds to Privacy Commissioner's report	The Chief Executive of the Hospital Authority, Mr Shane Solomon, welcomed the recommendations of the inspection report by the Privacy Commissioner for Personal Data which will result in a more systematic, consistent approach and lead to further improvement in the HA's personal data system on July 22.
22-Jul-2008	Privacy Commissioner Publishes Inspection Report on Hospital Authority	The Privacy Commissioner Mr. Roderick B Woo publishes his report of the inspection of the Hospital Authority's personal data system which was carried out under section 36 of the Personal Data (Privacy) Ordinance.
14-Jul-2008	The Privacy Commissioner completes the Inspection of the Hospital Authority's Personal Data System	The Privacy Commissioner, Mr. Roderick B WOO has sent to the Hospital Authority his report of the Inspection of HA's personal data system which was carried out under section 36 of the Personal Data (Privacy) Ordinance.
8-Jul-2008	Yan Chai Hospital reports loss of patient information	The Medical Records Services Department (MRSD) of YCH found that a batch of 3.5” backup floppy disks were missing during the process of encryption and reported it to the hospital management on June 30, 2008. Those floppy disks are a set of back-up copies storing the processing log sheet on medical report applications dated between January 16, 2005, and January 15, 2006, in which about 3,000 names and ID numbers of the applicants were recorded together with the log sheets of the dates of request, various work processes and date of completion, etc.
4-Jul-2008	Response to data loss incidents by The Hongkong and Shanghai Banking Corporation Limited ("HSBC")	In response to HSBC's loss of an audiotape containing 25,000 recorded phone conversations, the Privacy Commissioner for Personal Data, Mr. Roderick B Woo, issued the statement.
Jun 2008
26-Jun-2008	Website: http://www.asiabankhk.com/	The Hong Kong Monetary Authority wishes to alert members of the public to a website with the domain name http://www.asiabankhk.com/. The website is operated by an alleged entity, Asia Bank or I.F.C.E in YATAI. The website looks similar to the official website of the HKMA (www.info.gov.hk/hkma). The HKMA wishes to clarify that it has no connection with the website, and no connection with or knowledge of Asia Bank and I.F.C.E in YATAI.
25-Jun-2008	LCQ2: Administration of Internet domain names in Hong Kong	A question by the Hon Andrew Leung Kwan-yuen and a reply by the Secretary for Commerce and Economic Development, Mr Frederick Ma, in the Legislative Council on June 25.
22-Jun-2008	Public forums to be held on copyright protection in the digital environment	The Government will hold two public discussion forums on July 12 and 26, for members of the public to discuss issues related to copyright protection in the digital environment. The forums are part of the public engagement exercise following the release of the Administration's preliminary proposals on the subject in April 2008.
18-Jun-2008	(ISC)² seeks nominations for its second annual asia-pacific information security leadership achievements program	(ISC)², the non-profit global leader in educating and certifying information security professionals throughout their careers, today announced it has opened nominations for its second annual Asia-Pacific Information Security Leadership Achievements Program.
11-Jun-2008	LCQ3: Government departments' handling of incidents of leakage of personal data	A question by the Hon Ronny Tong and an oral reply by the Secretary for Constitutional and Mainland Affairs, Mr Stephen Lam, in the Legislative Council on June 11.
5-Jun-2008	The Director of Immigration Department signed formal undertaking	The Director of Immigration, Mr. Simon Yun-lu Peh, today signed a formal undertaking with the Privacy Commissioner for Personal Data, Mr. Roderick B Woo to step up measures on data security of the personal data held by the Immigration Department in compliance with the Personal Data (Privacy) Ordinance.
May 2008
30-May-2008	FEHD response on personal data incident	A spokesman for the Food and Environmental Hygiene Department said on May 30 that a staff member of the department, in handling a complaint case on May 29, inadvertently e-mailed a document containing information about work injury cases to the complainant.
29-May-2008	Progress of Inspection Against Hospital Authority	The Privacy Commissioner for Personal Data Mr. Roderick B Woo provides a brief update on the progress of the Inspection against the Hospital Authority.
28-May-2008	LCQ15: Combating circumvention of technological measures used to protect copyright works	A written reply by the Secretary for Commerce and Economic Development, Mr Frederick Ma, to a question by the Hon Sin Chung-kai in the Legislative Council on May 28.
28-May-2008	LCQ1: Information security regulations and policies	A question by the Hon Tsang Yok-sing and a reply by the Secretary for Commerce and Economic Development, Mr Frederick Ma, in the Legislative Council on May 28.
28-May-2008	LCQ20: Measures implemented by the banking industry to protect the personal data of customers	A question by the Hon Emily Lau and a written reply by the Secretary for Financial Services and the Treasury, Professor K C Chan, in the Legislative Council on May 28.
27-May-2008	Response to data leakage by the Police	Local newspapers reported that some classified police documents containing personal data were leaked on the internet through a file-sharing software called "Foxy". The Privacy Commissioner for Personal Data Mr. Roderick B Woo is very concerned about this matter.
22-May-2008	The Privacy Commissioner's clarification on "criminalizing data leakage"	The Privacy Commissioner for Personal Data Mr. Roderick B Woo issued statement in response to news reports that he proposed to criminalize data leakage.
21-May-2008	LCQ15: Review of the Personal Data (Privacy) Ordinance	A question by the Hon Emily Lau and a written reply by the Secretary for Constitutional and Mainland Affairs, Mr Stephen Lam, in the Legislative Council on May 21.
21-May-2008	LCQ4: Protection of personal data	A question by the Hon Audrey Eu and an oral reply by the Secretary for Constitutional and Mainland Affairs, Mr Stephen Lam, in the Legislative Council on May 21.
21-May-2008	LCQ19: Loss of patient data stored in electronic devices	A question by the Hon Cheung Hok-ming and a written reply by the Secretary for Food and Health, Dr York Chow, in the Legislative Council on May 21.
19-May-2008	Man arrested over online fund-raising deception	Police Officers of Commercial Crime Bureau of Technology Crime Division arrested a 16-year-old boy on May 16 in connection with an online fund-raising deception related to Sichuan earthquake.
13-May-2008	Government attaches great importance to information security	The Government took information security and the need to protect personal data extremely seriously as any leakage of personal data was of grave concern and inconvenience to the individuals affected, the Government Chief Information Officer, Mr Jeremy Godfrey, told the Information Technology and Broadcasting Panel of the Legislative Council on May 13.
10-May-2008	Privacy Commissioner strives to promote protection of personal data privacy	Recent incidents of loss and leakage of large amount of personal data have aroused widespread discussions in the society. Reports of the media generally recognized the importance of protecting personal data and supported the work of the PCPD in related promotion and training.
8-May-2008	Response to data loss by HSBC	In response to the Hongkong and Shanghai Banking Corporation Limited (HSBC) data loss incident, the Privacy Commissioner for Personal Data, Mr. Roderick B Woo said that he has to-day discussed the matter with HSBC Chairman Mr. Vincent Cheng and Executive Director Mr. Peter Wong.
8-May-2008	Response to data leakage by Immigration Department	In response to the Immigration Department data leakage incident published in the newspapers on 8 May, the Privacy Commissioner for Personal Data, Mr. Roderick B Woo said: "Both of the Immigration Director Mr. Simon Peh and I are seriously concerned with the incident. Mr. Peh said during our discussion this morning that arrangements had already been made for the removal of the data that the same are not now accessible online by using FOXY software."
8-May-2008	Privacy Commissioner commences inspection against Hospital Authority	The Privacy Commissioner for Personal Data Mr. Roderick B Woo has served notice on the Hospital Authority of his intention to carry out an inspection of HA's patients' data system pursuant to section 36 of the Personal Data (Privacy) Ordinance ("the Ordinance"). The purpose of the inspection is to assist the Commissioner in making recommendations relating to the promotion of HA's compliance. The inspection and the recommendations will focus on the security aspects of the system.
7-May-2008	Hospital Authority Task Force on Patient Data Security and Privacy meets	The Task Force on Patient Data Security and Privacy appointed by the Hospital Authority held its first meeting on May 7. Speaking to the media after the meeting, the task force chairman, Mr Stephen Lau said the group would review the Hospital Authority's existing policies and security systems of protecting patient data, and looked forward to recommending short-term as well as long-term improvement measures.
6-May-2008	Privacy Commissioner commits himself to securing patients' data	On 25 April 2008, two incidents of loss of patients' data in Tuen Mun Child Assessment Centre under the management of the Director of Health and the United Christian Hospital were reported. The number of patients involved was 700.
6-May-2008	Hospital Authority Implements New Measures to Enhance Patient Data Security	Regarding the recent cases of lost electronic storage device, Hospital Authority Chief Executive Mr Shane Solomon announced on 6 May that new measures will be implemented in HA and all public hospitals with immediate effect.
6-May-2008	Prince of Wales Hospital announced an incident of loss of USB flash drive containing hospital files	An incident of loss of USB flash drive containing hospital files of PWH took place in early May 2008. The stored files were mainly general working documents with personal data of patients, including name, ID number and laboratory test items. Around 10,000 records might be involved.
6-May-2008	SFH responds to loss of patients' data	On May 6, the Secretary for Food and Health, Dr York Chow is regretful and deeply disappointed with repeated incidents of hospitals losing USB flash drives containing patients' data. He looked forward to the Office of the Privacy Commissioner for Personal Data coming up with measures to plug possible loopholes.
5-May-2008	SFH responds to patients' data (Chinese only)	The Secretary for Food and Health, Dr York Chow spoke to the media after attending a public event on 5 May.
5-May-2008	HA sets up Task Force on Patient Data Security and Privacy	The Chief Executive of the Hospital Authority , Mr Shane Solomon, announced the appointment of a Task Force on Patient Data Security and Privacy with the objectives of enhancing system security and patient data protection, following cases of loss of electronic devices containing patient data on May 5.
Apr 2008
30-Apr-2008	CSB reminds colleagues of office security	On April 30, the Secretariat on Civil Service Discipline under the Civil Service Bureau conveyed apologies to 25 serving civil servants whose names and post titles were stored in a portable electronic storage device (USB memory stick) that was reported missing last week.
30-Apr-2008	LCQ14: Do-not-call registers	A question by the Hon Sin Chung-kai and a written reply by the Secretary for Commerce and Economic Development, Mr Frederick Ma, in the Legislative Council on April 30.
25-Apr-2008	DH enhances office security after patients' data goes missing	The Department of Health is working closely with the police in the investigation of a suspected theft case involving a removable electronic storage device (USB flash drive) containing patients' information.
25-Apr-2008	SFH on patients' information	The transcript of remarks made by the Secretary for Food and Health, Dr York Chow, at a stand-up media session before attending a public function on April 25.
23-Apr-2008	Worries Over Corporate Reputation Making Information Security A Top Priority Worldwide, Study Says	Avoiding reputation damage to the organization was viewed as a top priority for security programs by nearly three quarters of information security professionals surveyed in a worldwide study "The 2008 Global Information Security Workforce Study" launched today by (ISC)²® ("ISC-squared"), the non-profit global leader in educating and certifying information security professionals throughout their careers.
14-Apr-2008	Website: http://www.yataiifce.com/	The Hong Kong Monetary Authority wishes to alert members of the public in Hong Kong to a website with the domain name "http://www.yataiifce.com/". The website is operated by an alleged entity, "I.F.C.E in YATAI". The website looks similar to the official website of the HKMA (www.info.gov.hk/hkma). The HKMA wishes to clarify that it has no connection with the website, and no connection with or knowledge of "I.F.C.E in YATAI".
10-Apr-2008	"Missed call" tactic subject to Unsolicited Electronic Messages Ordinance	In response to media reports on April 10 about telemarketers trying to circumvent the Unsolicited Electronic Messages Ordinance by using the "missed call" tactic, the Office of the Telecommunications Authority would like to remind the telemarketing industry and commercial message senders that the use of such tactics to deliver pre-recorded telemarketing telephone messages can be subject to the regulation of the UEMO.
Mar 2008
25-Mar-2008	Fraudulent website	The Hong Kong Monetary Authority wishes to alert members of the public in Hong Kong to an e-mail purporting to be sent from The Hongkong and Shanghai Banking Corporation Limited. The e-mail requests customers to use an embedded hyperlink (for example, "business.hsbc.com/sys_directory/isa/file.aspx?session=228072037356942815405911623153569627471517767588399355&id=4778134") to connect to a fraudulent website and verify their account information by entering their Internet banking account's user name and password.
25-Mar-2008	Registration Hotline Numbers for Three Do-not-call Registers Merged to 1835000 from 26 March 2008	To improve the user-friendliness of the registration process for the three do-not-call registers for fax messages, short messages and pre-recorded telephone messages, the Office of the Telecommunications Authority announced on 25 March 2008 that the unified registration hotline number of the three registers would be 1835000 starting from 26 March 2008.
20-Mar-2008	Fraudulent website	The Hong Kong Monetary Authority wishes to alert members of the public in Hong Kong to an e-mail purporting to be sent from The Hongkong and Shanghai Banking Corporation Limited (HSBC). The e-mail requests customers to use an embedded hyperlink (for example, "business.hsbc.com.fkiiert.mobi/system_directory/isa/file.aspx?session=4304539884918513265306320952183249826249122796") to connect to a fraudulent website and verify their account information by entering their Internet banking account's user name and password.
12-Mar-2008	LCQ15: Proper use of Internet	A question by the Hon Sin Chung-kai and a written reply by the Secretary for Commerce and Economic Development, Mr Frederick Ma, in the Legislative Council on March 12.
3-Mar-2008	Do-not-call register for pre-recorded telephone messages to accept registration from prefix-9 numbers	The Office of the Telecommunications Authority announced that the do-not-call register for pre-recorded telephone messages would start to accept registrations from prefix-9 numbers on March 4, 2008.
Feb 2008
26-Feb-2008	Proposals to amend the privacy law for better protection of online personal data	The Office of the Privacy Commissioner for Personal Data issued statement in response to media reports concerning the need to consider the creation of a new offence.
20-Feb-2008	LCQ14: Leakages of personal data	A question by the Hon Albert Ho and a written reply by the Secretary for Constitutional and Mainland Affairs, Mr Stephen Lam, in the Legislative Council on February 20.
19-Feb-2008	Response to the incident of online circulation of nude photos	The Privacy Commissioner for Personal Data, Mr. Roderick B. Woo is concerned about the recent incident on the online distribution of nude photographs.
11-Feb-2008	Do-not-call register for pre-recorded telephone messages to accept registration from prefix-6 numbers	The Office of the Telecommunications Authority announced that the do-not-call register for pre-recorded telephone messages would accept registrations from prefix-6 numbers from February 12.
4-Feb-2008	Insurance Authority warns the public of fraudulent website	The Office of the Commissioner of Insurance (OCI) has alerted the public to a fraudulent website with the domain name "www.dingfen.net". The website looks similar to the website of Zurich Insurance Group (Hong Kong) (Zurich HK).
1-Feb-2008	Man charged with publishing obscene articles	A 29-year-old Hong Kong man charged with the publishing of obscene articles will appear at Tuen Mun Magistrates Courts on February 1.
Jan 2008
24-Jan-2008	Do-not-call register for pre-recorded telephone messages accepts registration from prefix-2 and prefix-3 numbers	On January 24, the Office of the Telecommunications Authority announced that the do-not-call register for pre-recorded telephone messages would start to accept registration from prefix-2 and prefix-3 numbers on January 25.
23-Jan-2008	Fraudulent website	The Hong Kong Monetary Authority wishes to alert members of the public in Hong Kong to an e-mail purporting to be sent from The Hongkong and Shanghai Banking Corporation Limited (HSBC). The email requests customers to use an embedded hyperlink (for example, "business-internet-banking.hsbc.com.topoi2.cx/bibauth/ formStart/") to connect to a fraudulent website and verify their account information by entering their Internet banking account's user name and password. HSBC has clarified that it has not sent these emails to its customers and has no connection with the fraudulent website.
15-Jan-2008	Anti-Spamming Task Force holds first meeting	The high level task force set up to advise Government on policies and measures to tackle the problem of unsolicited electronic messages held its first meeting on January 15.
14-Jan-2008	Fraudulent hotline purporting to be related to the HKMA	The Hong Kong Monetary Authority wishes to alert members of the public about a suspected fraudulent telephone hotline (852-3177 1572), which purports to be an interactive voice response system run by the HKMA.
11-Jan-2008	Your fate is in the palm of your hand	Prof David Zhang of the Department of Computing of Hong Kong Polytechnic University was inspired by the uniqueness of the palmprint and has developed the world's first civil Palmprint Recognition as a security device of identification by biometric means.
10-Jan-2008	Fraudulent website: www.boctelex.cn	The Hong Kong Monetary Authority wishes to alert members of the public in Hong Kong to a fraudulent website with the domain name "www.boctelex.cn". The website looks similar to the official website of Bank of China (Hong Kong) Limited (BOCHK). BOCHK has clarified that it has no connection with the fraudulent website.
7-Jan-2008	Do-not-call Register for Short Messages Commences to Accept Registration on 8 January 2008	The Office of the Telecommunications Authority announced that the do-not-call register for short messages would be launched on 8 January 2008. This is the second do-not-call register since the full commencement of the Unsolicited Electronic Messages Ordinance (UEMO) on 22 December 2007. The first do-not-call register is for fax.


	News Archive


Previous		Top

Sitemap | Contact Us | Privacy Policy | Disclaimer