Hongkong Post has reported an information security incident involving robotic access to information in the address books of its EC-Ship account holders.

Condemning the attack, its stressed that it will work closely with Police on its investigation into the matter.

Upon identifying the incident, Hongkong Post took immediate measures to block the unauthorised access. It also followed established guidelines and reported the case to Police, the Digital Policy Office, the Office of the Privacy Commissioner for Personal Data and the Security Bureau on the same day. The EC-Ship service has resumed as normal.

Hongkong Post said that based on a preliminary assessment, the incident could involve information in the address books of EC-Ship account holders, including senders’ and recipients’ names, addresses, phone numbers, fax numbers and email addresses. Investigations are ongoing to ascertain the number of account holders affected and whether any personal data leakage is involved. When further updates are available, Hongkong Post will inform affected account holders.

The service added that it is seeking advice from the Digital Policy Office to assist with its investigations, and will further strengthen system security measures.

Hongkong Post also reiterated that it does not send embedded hyperlinks via emails, SMS messages or social media pages for the collection of personal information or requesting for payment. Citizens are advised to refrain from clicking on any embedded links or providing any personal or financial data, and from making payments via suspicious emails or SMS messages alleged to be sent by Hongkong Post.

For enquiries, call 2921 2222.