The Hospital Authority today reported a suspected case of unauthorised access to patient data after the information was found leaked on a third-party platform.

The authority’s routine monitoring system detected the breach at around 2am on April 3. The matter was promptly reported to Police and the Office of the Privacy Commissioner for Personal Data yesterday morning. The authority will fully co-operate with the Police investigation.

Involving more than 56,000 patients from the Kowloon East Cluster, the leaked data includes names, gender, Hong Kong identity card numbers, hospital file numbers and details of surgical procedures.

The authority sincerely apologised to the affected patients and pledged to take all practicable measures to minimise the impact on the patients.

It will notify the affected patients as soon as possible via the “HA Go” mobile application, mail and phone calls.

The Kowloon East Cluster has established a dedicated hotline at 5215 7326 for patient enquiries. The hotline operates from 9am to 6pm, Monday to Sunday. Patients may also leave messages outside of these hours.

Upon discovering the incident, the authority conducted a thorough review of its internal network systems. It confirmed that all systems are operating normally and securely, with no indication of a cyberattack. The authority has immediately suspended the contractor's system maintenance work.