Two laptops containing personal information of Hong Kong's 3.7 million registered voters have been stolen.
The laptops were reported missing by Hong Kong's electoral office, in what could be the city's largest data breach. They were reportedly stolen from a locked room on Lantau Island, off the main Hong Kong island. The room was a designated backup venue for the chief executive elections held over the weekend.
The stolen data included names, addresses and identity card numbers of voters, the office said in a statement. The data was encrypted, so it'll be a lot harder — albeit not impossible — for information to be leaked. Hong Kong's privacy commissioner for personal data said in a statement that it had been notified of what happened, and added that it will launch a "routine probe" into the issue. Police also said that they are treating the case as theft, but no arrests have been made so far.
The data breach has drawn sharp criticism from lawmakers and Hong Kong citizens. "This is unacceptable," Charles Mok, a lawmaker representing the city's IT sector, wrote on Facebook. "There's no reason why the data was stored on computers that could have been stolen; they could have encrypted it on the cloud."
While the city has 3.7 million registered voters, only 1,194 votes were eligible to be cast on Sunday. Since Hong Kong's separation from British rule in 1997, the city has designated a pre-selected group of voters from its business and political establishment to represent the population. A Reddit user pointed this out too, asking: "Why did they need to store the full register [for the chief executive election] instead of just the list of 1,194 'election' committee members?"