RiskEvents

Developing event. Generated by AI and subject to further corroboration and review.

DevelopingLow impactAI Refreshed

SoFi Hong Kong subsidiary confirms third-party vendor data breach

Occurred 30 Apr 2026·Detected 10 Jun 2026·
🇭🇰 Hong Kong, specifically SoFi Securities (Hong Kong) Limited3 reports
CyberCyber

SoFi Securities (Hong Kong) Limited has confirmed a third-party vendor data breach discovered on April 30, 2026, in which unauthorized actors accessed customer data via the vendor's database. The subsidiary has engaged a third-party cybersecurity firm and opened a Hong Kong support line. Scope of exposed personal data, number of affected customers, vendor identity, and any extortion or ransomware component remain unconfirmed.

AI-generated from linked source reports. See our correction policy.

Impact verdict

Low impact. Loss pathway centres on a supply-chain data breach at a Hong Kong fintech subsidiary, with potential third-party liability and cyber insurance exposure. The subsidiary is a relatively small entity within a US fintech parent. No insured loss estimate, confirmed customer count, ransom demand, vendor identity, or regulator action has been disclosed, and there is no evidence of systemic market impact. Watch items: vendor identity, scope of personal data exposed, any extortion or ransomware demand, and any subsequent Hong Kong Privacy Commissioner or other regulator action.

View assessment methodology

How we grade what we know -- Known · Reported · Uncertain. Methodology →

Intelligence ledger

Each line expands in place to its underlying sourced claim.

AI refreshed 16 Jun 2026, 00:13

Known26 lines

SoFi Securities (Hong Kong) Limited confirmed a data breach discovered on April 30, 2026
structured lineknown
No separate sourced-claim record is available for this line yet.
Unauthorized access occurred via a third-party vendor's database
structured lineknown
No separate sourced-claim record is available for this line yet.
SoFi has engaged a third-party cybersecurity firm for incident response
structured lineknown
No separate sourced-claim record is available for this line yet.
A Hong Kong support line (+852 26938888) has been established for affected customers
structured lineknown
No separate sourced-claim record is available for this line yet.
No insured loss estimate has been disclosed or identified at this stage.
sofi_hk_no_insured_loss_estimateloss estimate pendingCyber
Market relevance: Absence of loss estimate supports low current materiality banding pending further disclosure.
No insured loss estimate... has been identified at this stage” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
Unauthorized access was achieved via a third-party vendor's database.
breach_vector_third_party_vendorloss emergingvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Supply-chain compromise raises third-party liability and vendor-risk considerations for cyber insurers.
r/privacy · 8 Jun 2026, 22:04 · social community
hackers gained unauthorized access to a third-party vendor's database containing customer information” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
SoFi Securities (Hong Kong) Limited confirmed a data breach at the subsidiary discovered on April 30, 2026.
sofi_hk_breach_confirmedloss emergingvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Directly relevant to cyber liability and supply-chain coverage in Hong Kong financial services.
r/cybersecurity · 8 Jun 2026, 22:06 · social community
r/privacy · 8 Jun 2026, 22:04 · social community
We do not yet have complete information about the scope and impact of the incident” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
Unauthorized access occurred through a third-party vendor's database, indicating a supply-chain attack vector.
sofi_hk_third_party_vendor_vectorcoverage trigger reviewvalid from 30 Apr 2026, 00:00Cyber
Market relevance: Supply-chain vector is relevant to contingent business interruption and third-party liability coverage assessments.
unauthorized actors accessed customer data through a third-party vendor's database” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
SoFi Securities (Hong Kong) Limited disclosed a data breach detected on April 30, 2026.
sofi_hk_breach_disclosure_dateloss estimate pendingvalid from 30 Apr 2026, 00:00Cyber
Market relevance: Confirms the event timeline for cyber claim triggers and notification clocks.
SoFi confirms third-party data breach at Hong Kong subsidiary” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
Unauthorised access to customer data occurred through a third-party vendor's database rather than directly through SoFi's own systems.
sofi_hk_third_party_vectorloss watchvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Supply-chain vector raises third-party liability and contingent business interruption considerations for cyber insurers.
unauthorized actors accessed customer data through a third-party vendor's database” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Unauthorized actors accessed customer data through a third-party vendor's database, indicating a supply-chain attack vector.
third_party_vendor_access_vectorthird party liability exposurecyber
Market relevance: Supply-chain access vector is relevant to third-party liability and vendor risk coverage in cyber policies.
BleepingComputer · 8 Jun 2026, 21:55 · trade media
SoFi Securities (Hong Kong) Limited confirmed a data breach discovered on April 30, 2026.
incident_disclosure_datecyber incident timingcyber
Market relevance: establishes incident timing for cyber claims notification and policy trigger analysis
BleepingComputer · 8 Jun 2026, 21:55 · trade media
No insured loss estimate has been disclosed.
no_insured_loss_estimateseverity uncertaintyCyber
Market relevance: Absence of any loss estimate confirms low market materiality at this stage
No insured loss estimate disclosed” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
A Hong Kong support line (+852 26938888) has been opened for affected customers.
hong_kong_support_line_establishedloss emergingvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Support line indicates active customer notification posture; relevant to notification cost estimation.
A Hong Kong support line (+852 26938888) has been established” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
Event lifecycle is 'developing' following corroboration across at least two independent sources.
lifecycle_status_developingcontextvalid from 15 Jun 2026, 23:54Cyber
Market relevance: Lifecycle status governs alerting cadence and exposure tracking for underwriters.
Source · 16 Jun 2026, 00:13
SoFi has engaged a third-party cybersecurity firm for incident response and investigation.
incident_response_engagedloss emergingvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Standard breach response; informs coverage triggers for forensic costs under cyber policies.
The subsidiary has engaged a third-party cybersecurity firm” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
A Hong Kong support line (+852 26938888) has been established for affected customers.
sofi_hk_support_lineloss estimate pendingvalid from 30 Apr 2026, 00:00Cyber
Market relevance: Support line activation supports notification cost accrual under cyber policies.
A Hong Kong support line (+852 26938888) has been established for affected customers” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
SoFi has engaged a third-party cybersecurity firm for incident response.
sofi_hk_ir_engagementloss estimate pendingvalid from 30 Apr 2026, 00:00Cyber
Market relevance: IR engagement is consistent with cyber claim notification timelines and duty-to-cooperate conditions.
SoFi has engaged a third-party cybersecurity firm” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The event remains at signal-stage maturity: confirmed breach, no quantified impact metrics, no identified London market loss mechanism.
sofi_hk_lifecycle_signalcontextvalid from 14 Jun 2026, 17:48Cyber
Market relevance: Lifecycle stage governs whether underwriters and claims teams should treat the event as actionable.
lifecycle_status: signal” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
SoFi has engaged a third-party cybersecurity firm to assist with incident response and investigation.
sofi_hk_ir_firm_engagedclaims activityvalid from 10 Jun 2026, 18:58Cyber
Market relevance: External IR engagement is consistent with cyber policy notification and claims handling triggers.
The subsidiary has engaged a third-party cybersecurity firm” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
No Hong Kong Privacy Commissioner or other regulatory action has been publicly announced in connection with the breach.
sofi_hk_no_regulator_actioncontextvalid from 10 Jun 2026, 18:58Financial Institutions
Market relevance: Regulatory action in Hong Kong would materially shift severity under cyber and FI policies.
regulatory action... has been identified at this stage” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
No regulatory action by the Hong Kong Privacy Commissioner or other authorities has been confirmed.
no_regulator_action_confirmedregulatory uncertaintyCyber
Market relevance: Regulator action would escalate notification and potential fine exposures
no regulatory action confirmed” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
A Hong Kong support line has been established for affected customers.
hk_support_line_establishedbreach notification costsCyber
Market relevance: Customer support infrastructure indicates notification process is underway
A Hong Kong support line (+852 26938888) has been established for affected customers.” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
SoFi has engaged a third-party cybersecurity firm to support incident response.
incident_response_firm_engagedcontext onlyvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Standard IR engagement; informs potential mitigation of insured loss and notification cost under cyber policies.
SoFi has engaged a third-party cybersecurity firm for incident response” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
SoFi has engaged a third-party cybersecurity firm to assist with incident response.
incident_response_engagementincident response costscyber
Market relevance: IR engagement is standard post-breach action; relevant to coverage under cyber policy first-party response costs.
BleepingComputer · 8 Jun 2026, 21:55 · trade media
SoFi Securities (Hong Kong) Limited disclosed a data breach discovered on April 30, 2026, originating from a third-party vendor's database.
incident_disclosure_sofi_hk_vendor_breachpotential third party liabilityvalid from 10 Jun 2026, 18:58cyber
Market relevance: Cyber insurance market relevance via supply-chain/third-party vendor exposure at a regulated financial services subsidiary in Hong Kong.
SoFi Securities (Hong Kong) Limited disclosed a data breach discovered on April 30, 2026” — BleepingComputer · 10 Jun 2026, 19:03

Reported8 lines

Customer data was potentially exposed through the vendor breach
structured linereported
No separate sourced-claim record is available for this line yet.
No public statement or enforcement action from the Hong Kong Privacy Commissioner or other regulators has been disclosed as of the latest update.
regulator_action_none_discloseduncertaintyvalid from 15 Jun 2026, 23:58Cyber
Market relevance: Regulator action would materially shift notification and penalty exposure under Hong Kong PDPO.
BleepingComputer · 8 Jun 2026, 21:55 · trade media
SoFi Securities (Hong Kong) Limited is a subsidiary of a US-listed fintech parent.
parent_entity_contextcontext onlyCyber
Market relevance: Parent-entity context supports assessment of incident as a contained subsidiary-level event
SoFi Securities (Hong Kong) Limited is a subsidiary of SoFi” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The event is characterized as a supply-chain cyber incident affecting a financial services entity in Hong Kong, with potential third-party liability and cyber insurance implications.
supply_chain_financial_services_hkpotential third party liabilityvalid from 10 Jun 2026, 18:58cyber
Market relevance: Supply-chain vendor breaches at financial services subsidiaries are a recurring driver of cyber and third-party liability claims, including in the London market.
BleepingComputer · 10 Jun 2026, 19:03
Customer data was potentially exposed through the third-party vendor breach; categories and volume not yet confirmed.
customer_data_potentially_exposedcontext onlyvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Potential exposure of customer personal data is the trigger for first-party notification costs, regulatory fines, and third-party liability under cyber and crime policies.
We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved.” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Customer data was potentially exposed through the vendor breach; categories and scope remain unconfirmed.
sofi_hk_customer_data_exposureloss estimate pendingvalid from 30 Apr 2026, 00:00Cyber
Market relevance: Data exposure is a precondition for notification costs, regulatory fines, and first-party cyber loss estimates.
customer data was potentially exposed through the vendor breach” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Customer data was potentially exposed through the vendor breach; specific data categories are not yet confirmed.
customer_data_exposure_potentialcyber first party costsCyber
Market relevance: Data exposure scope drives regulatory notification thresholds and potential first-party costs
We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved.” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Customer data was potentially exposed through the vendor breach; scope and categories remain undisclosed.
customer_data_exposure_scopepotential pii exposurecyber
Market relevance: Scope of personal data exposure drives regulatory notification thresholds and potential PII-related liability under Hong Kong PDPO.
We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved.” — BleepingComputer · 8 Jun 2026, 21:55 · trade media

Uncertain30 lines

Scope and categories of personal data affected
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Total number of customers impacted
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Identity of the third-party vendor
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Whether the incident involved extortion or ransomware demands
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Threat actor attribution
structured lineuncertain
No separate sourced-claim record is available for this line yet.
Total number of customers impacted by the breach has not been disclosed.
affected_customer_count_unknownuncertaintyCyber
Market relevance: Notification volume drives regulatory and first-party notification cost estimates under cyber policies.
number of affected customers... remain unknown” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
Total number of customers impacted has not been disclosed.
affected_customer_count_uncertainseverity uncertaintyCyber
Market relevance: Affected count drives regulatory notification obligations and potential class exposure
We do not yet have complete information about the scope and impact of the incident” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The total number of customers impacted has not been disclosed.
affected_customer_countscale unknowncyber
Market relevance: Customer count is a key driver for notification costs, potential class action exposure, and regulatory thresholds.
We do not yet have complete information about the scope and impact of the incident” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
It is unconfirmed whether the incident involved extortion or ransomware demands; threat actor attribution is also unknown.
sofi_hk_extortion_ransomware_uncertainloss estimate pendingCyber
Market relevance: Extortion or ransomware activity would activate different cyber coverage sub-limits (e.g., ransom, business interruption).
any extortion or ransomware component remain unconfirmed” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
No Hong Kong Privacy Commissioner or other regulator action has been disclosed at this stage.
sofi_hk_regulator_action_uncertainloss estimate pendingCyber
Market relevance: Regulatory action would be a material driver of insured loss under cyber and D&O policies.
any subsequent Hong Kong Privacy Commissioner or other regulator action” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The identity of the third-party vendor involved has not been disclosed.
sofi_hk_vendor_identity_uncertaincoverage trigger reviewCyber
Market relevance: Vendor identity is relevant for assessing systemic supply-chain risk and contagion to other insureds.
the vendor's identity... remain unconfirmed” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
Scope and categories of personal data affected, and the total number of customers impacted, remain unconfirmed.
sofi_hk_data_scope_uncertainloss estimate pendingCyber
Market relevance: Scope uncertainty limits insured loss banding; remains a key watch item.
We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved.” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Whether the incident involved extortion or ransomware demands has not been confirmed.
extortion_or_ransomware_unconfirmedloss mechanism uncertaintyCyber
Market relevance: Ransomware/extortion tags materially change loss mechanism and policy coverage considerations
extortion or ransomware demands have not been confirmed” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
Identity of the third-party vendor involved has not been disclosed.
third_party_vendor_identity_uncertainsupply chain exposureCyber
Market relevance: Vendor identity may surface additional policy notifications and systemic exposure across other clients
third-party data breach” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Scope and categories of personal data affected remain unconfirmed.
scope_of_personal_data_uncertainseverity uncertaintyCyber
Market relevance: Data scope drives regulatory exposure, notification thresholds, and loss severity
We do not yet have complete information about the scope and impact of the incident” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Threat actor attribution has not been disclosed.
threat_actor_attribution_unknowncontext onlyCyber
Market relevance: Attribution has limited near-term insured loss impact; may affect systemic risk narrative
Threat actor attribution is not available” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Supersession history: 1 prior/revised claim rows.
No threat actor attribution has been reported.
threat_actor_attributionattribution unknowncyber
Market relevance: Attribution may inform accumulation analysis if linked to broader threat campaigns.
BleepingComputer · 8 Jun 2026, 21:55 · trade media
The identity of the third-party vendor whose database was accessed has not been publicly disclosed.
third_party_vendor_identityvendor risk unknowncyber
Market relevance: Vendor identity is relevant to assessing concentration of vendor risk across cyber insurance portfolios.
BleepingComputer · 8 Jun 2026, 21:55 · trade media
It has not been confirmed whether the incident involved any extortion or ransomware demands.
extortion_or_ransomware_componentransomware uncertaincyber
Market relevance: Ransomware or extortion components materially affect cyber policy coverage triggers and loss severity.
BleepingComputer · 8 Jun 2026, 21:55 · trade media
The scope and categories of personal data exposed, total number of customers impacted, and identity of the third-party vendor remain unconfirmed.
vendor_breach_scope_unknownuncertain loss estimatecyber
Market relevance: Limits ability to size potential notification costs, regulatory exposure, and third-party liability under cyber and professional indemnity covers.
We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved.” — BleepingComputer · 10 Jun 2026, 19:03
No insured loss estimate has been disclosed.
insured_loss_estimate_unavailablecontext onlyvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Without an insured loss figure, severity banding under Q6 market-materiality rubric remains at the low end pending scope confirmation.
no insured loss estimate” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The identity of the third-party vendor whose database was compromised has not been disclosed.
vendor_identity_unknownuncertaintyCyber
Market relevance: Vendor identification is a key loss-driver assessment variable for cyber underwriters.
scope, number of affected customers, and specific data exposed remain unknown” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
Whether the incident involved extortion demands, ransomware, or other coercive tactics has not been confirmed.
extortion_ransomware_unconfirmeduncertaintyCrime/Fidelity
Market relevance: Ransomware/extortion triggers separate policy sub-limits and crime coverage considerations.
BleepingComputer · 8 Jun 2026, 21:55 · trade media
The categories of personal data potentially exposed have not been confirmed.
exposed_data_categories_unknownuncertaintyCyber
Market relevance: Data category drives severity of notification obligations and potential identity theft exposure.
We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved.” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The categories and scope of personal data exposed in the breach have not been confirmed by SoFi.
sofi_hk_scope_of_pii_uncertainloss watchvalid from 10 Jun 2026, 18:58Cyber
Market relevance: PII scope drives notification cost, regulatory exposure and potential insured severity under cyber and financial institution policies.
We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved.” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The total number of customers impacted by the breach has not been disclosed.
sofi_hk_customer_count_uncertainloss watchvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Customer count drives notification cost, regulatory thresholds and insured loss quantum.
scope and impact of the incident” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
It has not been confirmed whether the incident involved ransomware, extortion or any ransom demand.
sofi_hk_ransomware_uncertainloss watchvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Ransomware / extortion component is a key trigger for cyber extortion sublimits and reinsurance notification.
any extortion or ransomware component remain unconfirmed” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
No threat actor group has been attributed to the breach in public reporting.
sofi_hk_threat_actor_uncertaincontextvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Attribution informs accumulation scenarios and potential reinsurance exposure assessment.
Threat actor attribution” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The categories of personal data potentially involved (e.g., identifiers, financial, KYC) have not been confirmed.
personal_data_categories_unknowncontext onlyvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Data category mix drives regulatory severity and potential financial-fraud loss under crime/fraud cover.
whether (and, if so, which categories of) your personal data was involved” — BleepingComputer · 8 Jun 2026, 21:55 · trade media
The identity of the third-party vendor whose database was accessed has not been publicly disclosed.
third_party_vendor_identity_unknowncontext onlyvalid from 10 Jun 2026, 18:58Cyber
Market relevance: Vendor identity determines concentration of supply-chain risk, possible aggregation across other downstream insureds, and applicability of vendor cyber cover.
the scope and impact of the incident” — BleepingComputer · 8 Jun 2026, 21:55 · trade media

Geographic Zone Matches

3 active matches

  • TRIA Certified Areas
    Rule-basedConfidence 100%
  • Pacific Ring of Fire
    Rule-basedConfidence 100%
  • Caribbean Hurricane Zone
    Rule-basedConfidence 100%

Geographic zone matches are RiskEvents spatial/analytical indicators, not coverage determinations or Lloyd's official classifications.

Affected countries

🇭🇰 Hong Kong🇺🇸 United States

Latest developments

  • Summary refreshed from cited evidence.
  • PQER A6 event_resynthesis lines_of_business full replacement
  • SoFi Hong Kong subsidiary has confirmed a data breach discovered on April 30, 2026. BleepingComputer
  • The breach occurred through a third-party vendor's database, not SoFi's own systems. BleepingComputer
  • The vendor involved has not been publicly identified. BleepingComputer
  • Number of affected customers remains undisclosed. BleepingComputer
  • The categories of personal data potentially involved have not been confirmed. BleepingComputer
  • No extortion or ransomware component has been publicly confirmed. BleepingComputer

Timeline

Intelligence Refresh16 Jun 2026, 00:13
Corroboration15 Jun 2026, 23:58

SoFi Hong Kong disclosed a data breach at a third-party vendor containing customer information from its securities business. The scope, number of affected customers, and specific data exposed remain unknown. The incident represents a supply chain cyber attack on a fintech subsidiary with potential cyber liability and regulatory exposure.

Source: r/cybersecurity (Social / Community) · View source

Status Change15 Jun 2026, 23:54

Status changed to developing

evidence_trigger: corroboration >= 2

signal -> developing

Corroboration15 Jun 2026, 23:54

SoFi has disclosed a data breach affecting its Hong Kong securities subsidiary, where hackers gained unauthorized access to a third-party vendor's database containing customer information. The incident was discovered on April 30, 2026, and the scope of exposed data remains under investigation, with potential implications for cyber liability coverage and regulatory exposure across multiple jurisdictions.

Source: r/privacy (Social / Community) · View source

Initial Detection10 Jun 2026, 18:58

Initial Detection

SoFi Securities (Hong Kong) Limited disclosed a data breach discovered on April 30, 2026, in which unauthorized actors accessed customer data via a third-party vendor's database. The scope of exposed personal data remains unknown, and the company has not confirmed customer count impact, extortion demands, or vendor identity. This is a supply-chain cyber incident affecting a financial services entity in Hong Kong, with potential third-party liability and cyber insurance implications.

We do not yet have complete information about the scope and impact of the incident, or whether (and, if so, which categories of) your personal data was involved.

Source: BleepingComputer (Trade Media) · View source

Lloyd's classifications

Tracking this kind of risk? Get an email when Cyber events escalate.

Get alerts
← Back to live events