Investigation Report
Published under Section 48(2) of the Personal Data (Privacy) Ordinance
(Chapter 486, Laws of Hong Kong)
Unauthorised Access to Credit Data in the TE Credit Reference System
Executive Summary
Background
- The Office of the Privacy Commissioner for Personal Data ("PCPD") received a complaint lodged by a member of the public. The complaint was related to the TE Credit Reference System.
- The TE Credit Reference System was developed and operated by Softmedia Technology Company Limited ("Softmedia").
Investigation Case
- The complainant had been obtaining loans from a number of money lending companies. On 28 December 2021, the complainant was informed by one of these companies that his credit records in the TE Credit Reference System had been accessed by several other money lending companies and he was asked whether he had recently encountered severe financial difficulties.
- The complainant stated that he was not aware of these money lending companies and had never applied for any loan from them. The complainant queried how they had obtained his authorisation to access the TE Credit Reference System. He was worried that the TE Credit Reference System's security measures were inadequate in protecting his personal data so that the money lending companies were able to access his credit data without his consent. The complainant therefore lodged his complaint with the PCPD.
1
