Cyber Incident Victim: Hong Kong Science and Technology Parks Corporation
Date:
May 2025
Location:
Hong Kong
Summary
The Hong Kong Science and Technology Parks Corporation disclosed that its Drug Safety Testing Center experienced a ransomware attack on a computer system operated independently from the corporation’s main network and managed by an outsourced contractor. Upon detection, the affected servers were isolated, an incident task force was activated, and the matter was reported to police. The breach involved data of approximately thirty employees and twenty customers of the testing center. Relevant government bodies, including the Innovation, Technology and Industry Bureau, the Innovation and Technology Commission, the Digital Policy Office, and the Office of the Privacy Commissioner for Personal Data, were notified in accordance with procedure. The corporation is cooperating with the police investigation, maintaining communication with the contractor and cybersecurity experts, and has engaged an independent third‑party specialist to review the incident, conduct remediation, and produce an investigation report.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On 12 May 2025, the Drug Safety Testing Center (DSC) under the Hong Kong Science and Technology Parks Corporation (HKSTP) identified an information security incident involving a malicious ransomware attack on part of its computer system. The DSC’s information technology environment operates independently from the broader HKSTP network, and its information security functions are managed by an outsourced contractor. Upon detection, the center immediately disconnected and isolated the affected servers from the relevant system to prevent further intrusion. An incident task force was activated to coordinate the response, and the case was reported to the police for investigation. HKSTP also implemented additional security measures to limit the spread of the attack.
The ransomware incident compromised data relating to approximately thirty DSC employees and twenty customers of the center. In accordance with established procedures, HKSTP notified the Innovation, Technology and Industry Bureau, the Innovation and Technology Commission, the Digital Policy Office, and the Office of the Privacy Commissioner for Personal Data. The testing center maintained close communication with its outsourced contractor and engaged cybersecurity experts to assist with the response. Affected organisations and individuals were informed as appropriate, and HKSTP affirmed its full cooperation with the ongoing police investigation. To support the response, an independent third‑party cybersecurity expert was commissioned to review the incident, conduct remediation work, and prepare an investigation report.
The Drug Safety Testing Center was launched in 2022 to provide Good Laboratory Practice preclinical services for evaluating the safety of therapeutic solutions or medical devices. A spokesperson for HKSTP emphasized that information and network security have remained a priority for the corporation in line with government‑established procedures. The independent third‑party cybersecurity expert has been commissioned to review the incident, conduct remediation work, and submit an investigation report.