Cyber Incident Victim: Hong Kong Institute of Architects

The Hong Kong Institute of Architects (HKIA) publicly disclosed a cyberattack on January 1, 2024, which caused significant disruptions to its online services. The incident compromised access to the Members' Area, a critical portal for professional resources and member-exclusive functions, forcing HKIA to temporarily suspend this feature. While the full scope of affected systems remained unspecified, the attack impaired broader website functionality beyond the membership platform. Technical teams initiated immediate containment measures to isolate compromised components and prevent further unauthorized access. No details regarding the attack vector, perpetrator identity, or data exfiltration were disclosed in the initial statement. Service restoration efforts prioritized securing the Members' Area, with HKIA committing to reactivate it at the earliest opportunity.

HKIA's response focused on operational recovery while maintaining transparency with stakeholders about ongoing disruptions. The organization acknowledged the inconvenience caused to members and the public, emphasizing efforts to fully restore all remaining website services in the near future. Concurrently, HKIA clarified that an unrelated website redesign—intended to enhance user experience through visual and functional improvements—proceeded as planned despite the security incident. This revamp, described as part of routine modernization, was not presented as a direct response to the attack. The institute provided no timeline for complete recovery but reiterated its commitment to resolving service interruptions promptly through dedicated technical remediation work.