A significant data breach has rocked the renowned jewelry chain Lukfook Jewellery, as more than 5 million members’ personal information has surfaced on dark web platforms. The sensitive data, encompassing names, dates of birth, addresses, HKID numbers, email addresses, account passwords, mobile numbers, and WeChat accounts, is believed to have been compromised following a suspected breach of the company’s security measures.
The compromised information affects both mainland and local customers, amplifying the scale and reach of the breach. Reports indicate that the hacker responsible for the breach is offering the entire database for sale, setting a price of HK$195,000 worth of cryptocurrency, specifically 25,000 Tether tokens.
Despite the gravity of the situation, Lukfook Jewellery has remained conspicuously silent, refraining from issuing any statements addressing the incident or providing reassurances to affected customers. Inquiries made to the Office of the Privacy Commissioner for Personal Data reveal that no formal reports have been filed regarding the breach. However, the Commissioner’s office asserts its intent to initiate communication with relevant organizations to glean further insights into the matter.
This breach underscores the pressing need for heightened cybersecurity measures within the retail sector, particularly for businesses entrusted with safeguarding sensitive customer information. As the fallout of the breach unfolds, affected individuals await clarity and accountability from Lukfook Jewellery regarding the protection of their personal data.
