Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Circle K cyberattack Hong Kong. Show all posts
Cyber Attacks
Circle K cyberattack Hong Kong Circle K data breach Circle K Hong Kong payment outage Cyber Attacks

Circle K Confirms Cyberattack in Hong Kong, Services Still Disrupted

 

Circle K has confirmed that its Hong Kong operations were hit by a cyberattack, a week after the convenience store chain suspended most electronic payment services. The company has apologized to affected customers and assured the public that the incident is now “under control” while investigations continue.

The disruption began by affecting electronic payments across 400 stores citywide, except transactions made through the Octopus card. The following day, the company revealed it was facing network problems and did not rule out a cyberattack.  A spokesperson confirmed it was indeed a network attack, but did not clarify whether customer data had been compromised.

Despite all stores remaining open, several key services remain suspended, including parcel collection, e-wallet top-ups, bill payments, and the loyalty rewards program. Octopus payments and cash transactions are still being accepted. Circle K has also notified law enforcement authorities and engaged cybersecurity experts to assist with the recovery.

Customers have voiced frustration on social media over the company’s slow response, asking for clearer updates and alternative arrangements. Some requested temporary manual solutions for parcel collection and clarity on whether loyalty program stamps and rewards would remain valid.

The Office of the Privacy Commissioner for Personal Data (PCPD) confirmed it received a data breach notification on September 23 from Couche-Tard HK Limited, Circle K’s parent company. The PCPD has launched a compliance check to investigate potential risks to personal data.

Cybersecurity expert Francis Fong Po-kiu suggested that Circle K may have fallen victim to a ransomware attack, in which hackers infiltrate systems, encrypt data, and demand payment for a decryption key. “They might be working to find the loophole, to find out whether something went wrong in the server or on the retail front,” he said, warning that full recovery could take months or even years. He added that while it was uncertain if customer data had been leaked, loyalty program details such as names, emails, and phone numbers could be at risk.
Read more »
Subscribe to: Posts (Atom)