The agency, which specialises in Japan tours, did not say how many customers were potentially affected and if data was stolen
One of Hong Kong’s largest travel agencies, WWPKG Holdings, revealed its customer database was hacked on Monday, putting at risk personal information such as ID card numbers and credit card information.
The agency, which specialises in tours to Japan, made a police report on Monday morning and shut down its website and offices.
Police officers from the cybersecurity and technology crime bureau were investigating the case, while a police source on Tuesday said the compromised computers were in both WWPKG’s main and branch offices, and used mainly by senior management.
It is understood that an email address was left behind for staff members to make contact with the perpetrators.
“At this stage, there was no attempt to demand money from the company, but the [staff members] were asked whether they needed help to unlock the computers.
“We believe the move was to interrupt the company’s operation and ultimately demand money,” the police source said.
WWPKG Holdings, which is listed on the Hong Kong stock exchange, said an unauthorised party accessed their customer database on their system on Monday, which “may contain information such as their clients’ names, HKID card numbers, passport numbers, credit card information, phone numbers, email address, mailing address and purchase history”.
SCMP
PUBLISHED : Tuesday, 07 November, 2017, 2:48pm
UPDATED : Tuesday, 07 November, 2017, 10:53pm
Comments