BreachExchange mailing list archives
Police investigate hacking attack on HKU polling programme
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Mon, 24 Jun 2013 10:31:14 -0500
http://www.scmp.com/news/hong-kong/article/1266332/police-investigate-hacking-attack-hku-polling-programme Hackers may have gained access to more than 2,000 sets of personal data, including names, ID card numbers and phone details, in recent attacks on University of Hong Kong computers. Systems of the university's public opinion programme had suffered "several illegal intrusions", a spokeswoman for the programme said. A police report was made two days ago. A police spokesman said: "So far, there is no sign that this incident is related to recent reports of local computer systems being intruded." Whistle-blower Edward Snowden told the Post last week that Chinese University was a target of American cyberspying. Last month the HKU programme said it would organise the first "deliberation day" for organisers of Occupy Central, a civil disobedience movement aimed at achieving genuine universal suffrage that has been widely criticised by Beijing loyalists. The programme's spokeswoman would not say whether the names hacked included those of the more than 700 people at the deliberation day on June 9. "When we first found out about the unusual activities on May 5 we did not consider it so serious that a report to the police was needed," she said. Police said the hackers could have had obtained the bank details, e-mail and home addresses and dates of birth of more than 2,300 people. Officers are still trying to find out how the system was hacked. Computer records from internet service providers would be needed to ascertain the hackers' location, as technology such as proxy servers and springboards could have been used to hide their whereabouts. Police are treating the case as one of accessing computers with criminal or dishonest intent. The public opinion programme was established in 1991. In 2001, its head pollster Dr Robert Chung Ting-yiu claimed chief executive Tung Chee-hwa had pressurised him to drop polls on Tung's popularity, triggering a huge row about academic freedom and a public inquiry. Last year an official at the central government's liaison office, Hao Tiechuan, attacked a poll on national identity conducted by Chung's programme and suggested some organisations "conduct surveys that serve the interests of certain political parties". The same programme suffered a cyberattack last year. Its mock "universal suffrage" poll for the chief executive election recorded up to a million hits a second shortly before the 1,193-strong Election Committee picked Leung Chun-ying. _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss-discuss Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Police investigate hacking attack on HKU polling programme Erica Absetz (Jun 24)