Cybersecurity Incident

Waihong Environmental Services Limited experienced a cybersecurity incident in March 2025, resulting in potential leakage of personal data belonging to some of our employees.

Upon discovery of the incident, we immediately enhanced our cybersecurity measures and engaged a cybersecurity expert to commence a comprehensive investigation. We have implemented more stringent measures to protect our system.

Based on information currently available, our preliminarily findings indicate that the types of personal data affected may include the names, identity card numbers, photographs, and employment information of some of our current and former employees. The extent of personal data affected varies by individual, and not every employee’s personal data has been affected to the same or full extent.

Our notice is purely precautionary in nature, and there is currently no evidence suggesting that the personal data of any affected individual has been misused.

We strongly value corporate governance. Our management team takes this incident very seriously. To prevent similar incidents from occurring in the future, we have enhanced the management, monitoring and defence of our network.

In addition, to protect the interests of the company, employees, and relevant stakeholders, we have reported this incident to the Hong Kong Police Force and the Office of the Privacy Commissioner for Personal Data. We will continue to work closely with the relevant authorities to ensure that we comply with all statutory obligations.

Lastly, we urge all employees and relevant stakeholders of the company to remain vigilant, and adopt enhanced cybersecurity measures at the workplace and on a personal level, in order to minimize any cyber risks and avoid any impact/loss to themselves and the company.

Whilst there is currently no evidence indicating that our employees’ personal data has been misused, such data could potentially be used for unauthorized purposes, e.g. fraud or identity theft. As a precaution, please remain vigilant and adopt the following preventive measures to protect yourself from any potential risks:

  • Beware of any unusual logins of personal emails or accounts;
  • Review bank statements to spot any unauthorised transactions;
  • Consider changing the passwords of online accounts and activate the multi-factor authentication function (if available);
  • Stay vigilant when you receive any suspicious calls, text messages or emails from unknown sources, do not open attachments or disclose personal data arbitrarily; and
  • Be vigilant against phishing or other possible scams.

If you notice any suspicious activities, please contact the hotline of Hong Kong Police Force Anti-Deception Coordination Centre at 18222 or reach out to us (Phone: +852 3173 3862; Email: itd_info@waihong.com.hk).

We denounce the actions of any individuals or entities who commit any illegal activities that involve the infringement of our corporate image and misuse of the company’s name, or our other intellectual property or information, and reserve all of our rights to take legal action accordingly.

We Value Cybersecurity

Safeguard Security of Corporate and Personal Data