First published: 09th November 2010
The Hong Kong Government's Labour Department admitted emailing 220 login names and passwords of other users to other users of their Interactive Employment Service website. The incident, described as a "website technical problem" during a recent upgrading exercise, took place on 1st November. Their investigation revealed that 51 of the accounts had been logged into during the incident, but no amendments were made to the accounts. The department contacted 40 of the 51 users affected, 31 confirmed that they had used the accounts themselves, 7 could not recall, and two said that they had not used their account.
The department said that it would follow up with the remaining 7 users as soon as possible, and that a full investigation would be conducted. The report did not clarify whether the Privacy Commissioner for Personal Data had been informed.
The Labour Department thus joins the Hospital Authority, the Independent Police Complaints Commission, the Baptist University and the Hong Kong Police as Hong Kong bodies that have succumbed to Data Leak Disease.