Security incident | Careers Hong Kong

It has come to our attention that as a result of a recent security incident at PageUp, a vendor that provides certain recruitment-related information services to King & Wood Mallesons Hong Kong, some of your personal details may have been accessed by an unauthorised person and possibly disclosed.

Who is potentially impacted?

You may be affected if you submitted a job application on our website from 2014 onward for a position in our Hong Kong office.

What has happened?

We have been advised that forensic investigations by PageUp have confirmed that an unauthorised person gained access to PageUp systems and personal data relating to clients, job applicants, references and PageUp employees.

How could I be impacted?

PageUp’s forensic experts have identified that compromised data may include, insofar as relevant to our Hong Kong operation:

  • Contact details including name, email address, physical address, and telephone number
  • Biographical details including gender, date of birth, and maiden name (if applicable), nationality, and whether the applicant was a local resident at the time of the application
  • Employment details at the time of the application, including employment status, company and title.

Password data for applicants was protected using industry best practice techniques, including hashing and salting and therefore evaluated as a very low risk. 

Importantly, PageUp has advised that it is confident that the most critical data categories, including resumes, are not affected in this incident.

Are King & Wood Mallesons’ systems safe to use?

The incident was contained at PageUp, and no King & Wood Mallesons systems were affected in this incident.

Where should I go for more information?

Applicants and employees with specific concerns should contact us at careers@kwm.com.

For general information about how you can you protect your data privacy, visit the website of the Hong Kong Privacy Commissioner's Office at www.pcpd.org.hk.

What should I do?

If you are concerned your data may have been accessed by an unauthorised party, we advise you perform the following good security practices:

  • Change your passwords on other online services, if you re-use the same password
  • Enable multi-factor authentication and other available security measures provided by your other online services
  • Be aware of potential phishing emails and telephone calls from businesses or institutions requesting your personal details. Avoid opening attachments from unknown senders via email or social media
  • Install anti-virus software and keep it updated
  • Apply all recommended software patches from operating system and software providers.

If you are concerned about your private information, please contact PageUp at security-enquiries@pageuppeople.com. If you are not satisfied with their response, you can contact the Hong Kong office of the Privacy Commissioner for Personal Data directly at enquiry@pcpd.org.hk or on T: +852 2827 2827. 

View Australia information