PCI DSS v3.2.1 accredited
The rise in data breaches has recently become a pressing concern for businesses and consumers alike, particularly in Hong Kong. The Office of the Privacy Commissioner for Personal Data reported a staggering 50% surge in data breach incidents last year.¹ Alarmingly, public sector enterprises accounted for nearly a third of these breaches, highlighting vulnerabilities that can affect millions of individuals and their personal information.
With 73% of Hong Kong businesses reportedly experiencing cyber attacks in 2023,² the urgency for robust data protection measures has never been clearer. The following are just a few of the biggest data breaches that occurred this year alone.
In January 2024, the Faculty of Education at HKU suffered a cyber attack that exposed the personal data of around 7,400 students, academic visitors and research programme applicants. The breach may have also disclosed internal files dating back to 2012, such as meeting minutes, room booking records and system management files.
A probe into CR in May 2024 uncovered a data leak affecting approximately 110,000 individuals, exposing their names, passport and ID numbers, residential addresses, telephone numbers, and email addresses. This breach marks the third reported security incident in the public sector within just a week — after leaks at Electrical and Mechanical Services Department and the Consumer Council — highlighting the serious cybersecurity issues that can occur within government departments.
While the examples highlighted above show how easily data breaches can happen to any company across any industry, retailers in particular are at high risk given the vast amounts of customer data they collect through loyalty programmes.
Take the Brooks Brothers Hong Kong case as an example. Its customer information database was infiltrated by an unauthorised third party in May 2024.⁵ Affecting over 27,000 Brooks Brothers members, this breach exposed personal data, including names, email addresses, phone numbers, and passport numbers and copies.
Customer loyalty programmes, which often include purchase history, contact details and even payment methods, are increasingly more vulnerable in this digital age. While typically used to enhance services, tailor marketing efforts and improve the overall customer experience, if the information falls into the hands of hackers, it could permanently damage customer trust. Breaches create the perception the retailer has failed to protect personal information, and long-term impacts on customer retention and loyalty can be profound.
With the increasing frequency of data breaches and alarming rise in personal data being sold on the dark web, retailers must take proactive measures to safeguard their customers' information and mitigate fraud-related risks.
By including Dark Web Monitoring in their existing offerings, retailers can increase cyber awareness, keeping customers informed and vigilant. This proactive stance reassures customers their data is being monitored in real time and kept in the light in the event of a breach, in addition to encouraging them to take an active role in their own security.
Promoting awareness and providing tools to help customers with data security measures can position retailers as champions of cybersecurity vigilance, strengthening customer relationships and reinforcing their reputation as a reliable partner in the digital age.
Contact TransUnion’s sales team to see how you can unlock the full potential of cybersecurity.
¹ Hong Kong privacy watchdog calls for more data security training, says it logged 50% surge in breaches and hacking cases in 2023, South China Morning Post
² Record 73% of Hong Kong businesses hit by cyberattacks in past year while company readiness suffers big drop, privacy watchdog poll finds, South China Morning Post
³ Data of 7,400 students, scholars leaked in HKU breach, rthk.hk
⁴ Personal data of 110,000 people leaked after breach at Hong Kong’s Companies Registry, investigation finds, South China Morning Post
⁵ ImagineX Group's Brooks Brothers clothing store experience data breach, Marketing Interactive
We're sorry, your request failed. Please try again in a little while.