Hong Kong privacy watchdog blasts electoral office for massive data breach
Ng Kang-Chung reports:
A report by the Privacy Commissioner found the electoral office failed to take adequate steps to protect the personal data of Hong Kong’s 3.78 million voters stored in one of two laptop computers that were stolen during the chief executive election in March.
Read more on South China Morning Post.
Kang-Chung provides some additional details as to what was on the stolen laptops. We already knew that one laptop contained the names of approximately 1,200 members of the Election Committee, but now we also know that the other contained “information about all Hong Kong’s registered voters, including their names, addresses, ID card numbers, and the geographical constituencies in which they were registered.”
It’s not yet clear to me whether the “multiple layers of encryption” were being used at the time of theft, and how strong any “encryption” actually was.