Hong Kong's privacy watchdog stated that the South China Athletic Association failed to take adequate measures to protect its members' personal data, leading to a significant breach.
The investigation revealed that a hacker had installed malware on one of the association's servers in January 2022, which compromised the network's security.
'Brute force attacks' against the association's computer systems highlighted the series of lapses that allowed the attacker to gain remote access and cause extensive damage.
Malicious activities included disabling anti-virus software, credential harvesting, and executing network reconnaissance, underscoring the vulnerabilities in the club's data protection measures.
Collection
[
|
...
]