
Photo: Luk Fook Jewellery confirmed yesterday that its database had been hacked and the data of 1,800 Hong Kong customers had been stolen.
[Ta Kung Pao News]Reporter Cheng Jin reported: Luk Fook Jewellery’s database was suspected to have been hacked, and member information was suspected to have been uploaded to the Internet for sale. An overseas website earlier claimed to have 5 million member information, including all user ID information, etc. Luk Fook Jewellery issued a notice yesterday, stating that after investigation, it was confirmed that someone tried to access the group’s database without authorization, and some records of about 1,800 Hong Kong customers were extracted. The group is contacting every customer who may be affected to remind them of this potential incident and the potential risks faced by their personal information.
Luk Fook Jewellery said that it had hired a cyber security consulting firm to investigate the incident and conduct a comprehensive inspection of the group’s systems and server security. The investigation was unable to verify the integrity or validity of the data extracted from the company’s database. The group stressed that at all critical moments, the affected servers were protected by solutions such as network firewalls to prevent network-based and host-based threats.
Luk Fook Jewellery continued to point out that it had immediately initiated network incident containment and response procedures after discovering the potential incident, including disconnecting the affected server from the group’s network and performing a comprehensive anti-malware scan. Since the start of the investigation, the group has taken more containment measures, including but not limited to regularly monitoring its network to identify potential malicious activities and only allowing trusted connections to the affected servers. Luk Fook Group has also implemented additional security measures to prevent similar attacks from happening again and protect the privacy of customers.