By Sahil Nagpal
May 9th, 2008
Hong Kong - A government investigation was underway Friday after it was
revealed that confidential files from the Immigration Department had
been mistakenly leaked on to the internet.
The list, which contained a list of the names of people for officers to
watch, plus travel document information and travel records, has been
available on the internet since Monday through a file-sharing programme
The blunder occurred after a newly-recruited immigration officer working
at the Lok Ma Chau border point took home some old classified files to
study without authorisation.
His computer contained the "Foxy" programme and when he connected to the
internet, the files were distributed without his knowledge.
The security blunder is the latest in a series in Hong Kong in the last
Earlier this week, banking giant HSBC was forced to apologise to
customers after it admitted it had lost the data of 159,000 accounts
from a Hong Kong branch.
The data was held on a internet server which is understood to have gong
missing in April from the Kwun Tong branch of the bank while it was
undergoing renovation last month.
The Hospital Authority also admitted this week to the loss of data of
thousands of patients in several incidents.
In one case, a USB flashdrive containing the files of 10,000 patients
from the Prince of Wales Hospital was lost after a hospital worker who
was transferring the data left it in a taxi.
Lawmaker James To, the vice-chairman of the Legislative Council security
panel said the immigration department security breach was by far the
most serious of all three.
"This data is more private, it gives the detailed record of people's
travelling history," he said.
Chairman of the security panel Lau Kong-wah said the leak was
"The data is sensitive information. Not only the Immigration Department,
but all government organisations should review their data-privacy
systems to prevent similar cases," he said.
Security Secretary Abromse Lee has said the officer concerned would face
disciplinary action after an investigation. (dpa)
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com