Hong Kong Exchanges and Clearing Limited

Hong Kong Exchanges and Clearing Limited (HKEX) is the operator of the stock and derivatives exchanges in Hong Kong. It provides trading, clearing, and settlement services for a range of financial products. The organisation is headquartered in Hong Kong and serves as a key marketplace for securities and derivatives in the region. Its core function is to facilitate capital formation and price discovery for listed companies and market participants. HKEX operates under a regulatory framework as a recognized exchange clearing house. The exchange's infrastructure supports both cash and derivatives markets, connecting global investors with Asian markets. It maintains systems for order matching, trade confirmation, and post-trade processing. The organisation's services are essential for the liquidity and efficiency of Hong Kong's financial markets. It lists and trades equities, bonds, exchange-traded funds, and derivatives contracts. HKEX's role is central to the functioning of Hong Kong's position as an international financial centre.

A significant cybersecurity incident affecting HKEX occurred on September 6, 2019. The organisation was targeted by a distributed denial-of-service (DDoS) attack. This attack impacted the availability of its public website. Concurrently with the cyber incident, HKEX proactively halted trading in its derivatives market. The halt was a precautionary measure to maintain market integrity and fairness during the technical disruption. The attack and subsequent trading pause were publicly acknowledged by the exchange. This event highlighted the operational vulnerability of critical market infrastructure to cyber threats. The incident underscored the potential for cyberattacks to directly interfere with core trading functions. HKEX's response involved managing the technical issue and restoring normal operations. The 2019 event remains a noted example of a cyber disruption at a major global exchange. No further details regarding the attack's duration, specific technical vectors, or long-term remedial actions are provided in the available summary. The organisation's subsequent security posture or investments are not detailed in the given material.