Hong Kong watchdog slams sports club for sloppy cybersecurity ahead of data breach South China Morning Post

pSouth China Athletic Association failed to introduce effective security steps to prevent leak of 72315 peoples data in March watchdog saysppHong Kongs privacy watchdog has found a prominent sports club had been in breach of data protection regulations in the runup to a largescale leak involving about 72000 members personal informationppThe Office of the Privacy Commissioner for Personal Data said on Tuesday that the South China Athletic Association SCAA had failed to take all practicable steps to protect members personal data before the breach occurred in MarchppThe SCAAs awareness of the need to protect the personal data of its members was weak The association as a longestablished sports association holding a significant amount of personal data should be vigilant about cybersecurity and data security Privacy Commissioner Ada Chung Lailing saidppI am very disappointed that the association failed to implement effective information system security measures to safeguard members personal data prior to the incidentppShe said the clubs failure to undertake the necessary steps to protect members information was in violation of the Personal Data Privacy OrdinanceppOn March 18 this year the association notified the office that its servers had been attacked by ransomware and maliciously encryptedp