Update on cyber security incident of Hospital Authority
********************************************************

The following is issued on behalf of the Hospital Authority:

     The spokesperson for the Hospital Authority (HA) gave the following update today (September 11) regarding an earlier announcement on a cyber security incident:
 
     The HA has already stepped up cyber security measures in response to a cyber-attack by an unidentified advanced persistent threat group since September 2.
 
     "The HA clarifies that the rumours of leakage of patient records or service interruption are unfounded," the HA spokesperson said.
 
     As the incidence of cyber threats is continuing and increasing, the HA Information Technology and Health Informatics Division has issued cyber safety advice to remind HA staff to stay vigilant on cyber security, including reminders not to open any suspicious emails, attachments and links and to use encrypted and password-protected USB drives when necessary for saving private personal data.
 
     "The HA also advises staff to set a strong password for accessing HA systems and to avoid using the same password for any external system such as social media," the HA spokesperson added.
 
     Investigation of the attack is in progress and the HA has already taken appropriate measures to block the intrusion. The case has been reported to the Office of the Government Chief Information Officer and the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force.
 
     The HA strongly condemns any form of cyberattack.

Ends/Wednesday, September 11, 2019
Issued at HKT 18:30

NNNN