Home Affairs Department clarifies no data breach amid claims of residents’ data for sale on dark web


25th May 2024 – (Hong Kong) A foreign technology security company posted a warning on the social media platform X (formerly known as Twitter) about the alleged leakage of Hong Kong residents’ data on the Dark Web. The post included a screenshot from a Dark Web forum showing personal data purportedly sourced from Hong Kong’s Home Affairs Department being offered for sale. The data allegedly included individuals’ full names, Hong Kong ID numbers, and residential street addresses.

Responding to these claims, a spokesperson from the Home Affairs Department stated that upon learning of the allegations made on the online platform, the Office of the Government Chief Information Officer was notified immediately. The department also conducted a thorough investigation, which found no evidence of any breach or data theft from its systems, nor any data leakage.

The Privacy Commissioner for Personal Data was also mentioned as not having received any data breach notifications from the relevant institutions. The commissioner’s office has stated that it will contact the institutions involved to understand the situation further.

The Home Affairs Department has vehemently condemned the dissemination of false information online and reported the matter to the Cyber Security and Technology Crime Bureau of the police. The department emphasises its severe stance against all forms of cybercrime and the spread of misinformation online, and it has pledged full cooperation with law enforcement authorities in their investigations.