The computer system at the Cheung Sha Wan Vegetable Wholesale Market has suffered a ransomware attack, risking the data of around 7,000 market users.
The Vegetable Marketing Organization (VMO), which manages the market, announced on Wednesday that its systems were immediately suspended to prevent further intrusions after the breach was detected on Monday.
The incident was reported to the police, the Hong Kong Computer Emergency Response Team Coordination Centre, and the Office of the Privacy Commissioner for Personal Data, the VMO said, according to Wednesday’s government press release.
“Preliminary investigation indicates that the incident involves the gate and accounting systems of the Cheung Sha Wan Vegetable Wholesale Market,” the press release said. “The VMO is conducting an investigation to assess whether any personal data has been leaked. The VMO will promptly notify affected individuals when necessary.”
The VMO is a non-profit established in 1946 tasked with providing the public with local premium vegetables. When HKFP checked its website on Thursday, it was not accessible.
The VMO engaged an external contractor to expedite the system restoration and assist in the investigation. Meanwhile, market operations will continue as normal, but tasks involving payments and invoicing are having to be handled manually, the press release said.
In recent years, serval entities and organisation in Hong Kong have seen cybersecurity breaches, including Cyberport, the Consumer Council, the Hong Kong Post and others.
In March, Hong Kong lawmakers passed a law meant to enhance safeguards for the city’s key infrastructure systems against cyberattacks, imposing fines of up to HK$5 million for cybersecurity lapses.
The VMO said it “attaches great importance to cybersecurity and will conduct a comprehensive review of this incident and further strengthen its information and network protection measures to prevent recurrence of similar incidents.”
