Skip to content

Media Statements

Media Statement

Date: 4 April 2021

Privacy Commissioner Commences Compliance Check on
Suspected Data Breach Relating to Facebook Users

The Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD), noted the media reports on the suspected data breach incident relating to the users of the social media platform Facebook and that, among others, nearly 3 million Hong Kong users are affected. Given that the personal data at stake include names, Facebook IDs, email addresses, telephone numbers, locations, dates of birth, biographical information, etc., the PCPD has today (4 April) contacted Facebook’s Hong Kong office (Facebook HK) and has written to Facebook to initiate a compliance check on the incident, including ascertaining the particulars of the data breach incident, the number of Hong Kong users affected and the personal data involved.
 
The PCPD has also reminded Facebook to notify affected users as soon as possible to mitigate the risks arising from the data breach.
 
The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner), Ms Ada CHUNG Lai-ling, appeals to users of the social media concerned to be vigilant about potential theft of personal data. If they are in doubt about whether their personal data have been leaked, they may make enquiries with the social media concerned or make enquiries/complaints to the PCPD (telephone: 2827 2827 or email: communications@pcpd.org.hk). To protect personal data privacy, users may consider the following: -

  • Change the passwords of the social media accounts concerned and other platforms as well if necessary;
  • Enable the two-factor authentication feature;
  • Beware of any unusual logins of social media accounts and personal emails; and
  • Do not accept invitations from strangers or people whose identities cannot be ascertained to be friends.

 
The Privacy Commissioner said the PCPD will issue a Guidance Note on the use of social media and instant messaging apps shortly to further remind users how to mitigate the related privacy risks. Please refer to the attachment for information on how to protect personal data privacy by adjusting some of the settings in the apps that have greater privacy implications.

-End-