Privacy watchdog demands Facebook tell Hong Kong users personal data was leaked

Hong Kong’s privacy watchdog has renewed its demand that Facebook notify its 3 million users in the city that their personal data has been leaked online, after the US social media giant failed to respond to a similar request made two days ago.

The city’s privacy commissioner for personal data, Ada Chung Lai-ling, on Tuesday said her office first contacted Facebook’s Hong Kong office on Sunday, the day news broke of a massive leak involving more than 500 million users worldwide.

“We wrote to Facebook immediately and have been in contact with its staff. They told us the data was from a leak that took place in 2019. The data concerned included usernames, Facebook IDs, email addresses, phone numbers, locations, dates of birth and their bios,” Chung told an RTHK programme on Tuesday.

Her office has requested the California-based firm inform Hong Kong users of the leak as soon as possible, as those affected could still be using the same phone numbers and email addresses they were two years ago.

“They still have not responded to us on this officially, but we have already reminded them. Facebook must handle the problem quickly and properly,” Chung added.

Shortly after the data emerged online, Facebook revealed it had been hacked in 2019 and said the security issue had been fixed in August of that year.

Local media reports have suggested lawmaker Regina Ip Lau Suk-yee, a former security minister, was among those whose personal data was made publicly available. According to Francis Fong Po-kiu, honorary president of the Hong Kong Information Technology Federation, the web page carrying the leaked information was no longer accessible as of Tuesday.