Hong Kong is one of the world’s top tourist hubs. It’s an administrative center with an expanding threshold of businesses basing their headquarters in the region.
Since Hong Kong has a booming transport and travel economy as a result of its tourism, a major travel agency by the name WWPKG Holdings Company has been offering services to the city’s growing base of dwellers and tourists combined.
The travel agency has enjoyed a steady increase in its customer base for the last few years, which has compelled the company to improve its services to the digital arena.
Not only are they running the business mainly online, but they’re also storing their customer database in a primary server.
Bearing in mind the rising level of ransomware cyberattacks being perpetrated by hackers towards many mega-organizations around the world, WWPKG not been spared in the mix.
A group of hackers who are purported to be from overseas recently gained access to the travel service agency’s system and made away with a haul of customer data.
The hackers are said to have gained access to the client database remotely and compromising thousands of clients’ information.
The purported lost data included the clients’ names, their Hong Kong ID numbers, passport numbers, clients’ emails, phone numbers and, more importantly, their credit card information.
As the investigation continues, there is a lot of speculation surrounding what the hackers intend to do with the data if the ransom is not paid.
A ransom has been placed on the stolen data, demanding payments in Bitcoin.
Police and cybersecurity experts claim with certainty that the computers which were most likely compromised were those based at the travel agency’s main and branch offices.
The likelihood of the hackers getting away with thousands of clients’ data is very high considering most of the information is based in those locations.
The hackers were provocative enough to leave an email address which was intended for the travel agency to make contact with them. According to the organization, the hackers are just buying time to start their malicious acts of spamming.
The Hong Kong-based travel agency has since shut down its website and offices to help the investigators look deep into the issue and possibly prevent a future attack.
The adverse effect on the closure of the travel agency is financially devastating. According to the Hong Kong stock exchange, WWPKG’s value of shares has dramatically plummeted.
To prevent the hackers from further harming the travel agency’s clients, WWPKG has reached out to all its customers to inform them of the case.
Once credit card information is lost to hackers, there is a great chance they will be sold to the dark market and used for fraud cases. There are no guarantees that every client is safe from having their own data compromised through this attack.
This is because there has been no total recovery and control of the website containing clients’ information.
A lot of the stakeholders are concerned with the high level of data loss and the fact that the data remains in the mercy of the hackers, even though measures are being put in place to mitigate any further complication on the lost data.
There are speculations about the Russian state being involved in the attack, though Indonesian hackers have also been connected to the case.
This hack comes at a time when Russia state-sponsored cyberattacks have been on the rise.
But the whole matter is in the hands of the police, who are continually investigating and reporting on the attack.
In the meantime, WWPKG clients will have to bear with waiting for the website and offices to re-open after the investigation is completed.