Go to main content
 
Investigation results of suspected intrusion into outsourced network system of operator of Kwai Tsing District Health Centre announced
******************************************************************************************
     The Primary Healthcare Commission (PHC Commission) under the Health Bureau announced today (May 12) that, upon the investigation conducted by an independent cybersecurity expert commissioned by the Kwai Tsing Safe Community and Healthy City Association (KTSCHCA), the operator of the Kwai Tsing District Health Centre (Kwai Tsing DHC), it has been confirmed that there was no leakage of members' data in the suspected intrusion incident involving the outsourced network system of the KTSCHCA on April 27.

     The outsourced network system concerned, independently managed by the outsourced service provider contracted by the KTSCHCA, is mainly used to assist with administrative work such as service booking or members sign-in at the Kwai Tsing DHC. All members' data in the system are encrypted. The investigation conducted by the independent cybersecurity expert has confirmed that while the firewall of the concerned network system had been hacked, the core business server system remained unaffected, and no members' data was leaked in the incident.

     To enhance cybersecurity, the KTSCHCA has implemented a series of strengthening measures, including enhancing firewall protections, as well as installation of a proactive monitoring system and additional detection tools for more robust surveillance of network connections and detection of unauthorised access attempts. The Kwai Tsing DHC has also reported the investigation results to the Police and the Office of the Privacy Commissioner for Personal Data while the PHC Commission has also informed the Digital Policy Office.

     Furthermore, after reviewing the investigation report submitted by the Kwai Tsing DHC and conducting a detailed assessment, the Commissioner for the Electronic Health Record ascertained that the security risks of the relevant system have been eliminated, and therefore, has resumed the connection of the Kwai Tsing DHC with eHealth through the clinical management system specified by the PHC Commission.

     All services at the Kwai Tsing DHC have resumed as normal since last Saturday (May 10), and the Kwai Tsing DHC will notify its members via telephone calls and text messages. Members of the public may contact the DHC at 1878 222 during office hours for enquiries.

     The Government reiterates its strong commitment to cybersecurity. The PHC Commission will urge the operators of the remaining 17 DHCs/DHC Expresses to make reference to the enhanced measures adopted by the KTSCHCA and continue to review their network systems, including the security risks in the network systems of their outsourced service providers and the related computers, as well as any occurrence of suspicious activities. The PHC Commission will also continue to monitor the operations of the DHCs/DHC Expresses of all 18 districts in Hong Kong to ensure the continuous provision of safe and reliable services.
 
Ends/Monday, May 12, 2025
Issued at HKT 21:11
NNNN
Archives   Yesterday's Press Releases  
Back to Index Page
Back to top
Today's Press Releases