Published: 1:30pm, 27 Sep 2025Updated: 5:46pm, 27 Sep 2025
Convenience store chain Circle K has confirmed it was the victim of a cyberattack in Hong Kong and apologised to affected customers, a week after it suspended acceptance of electronic payments.
Advertisement
Circle K Hong Kong on Friday night also said the company’s IT and cybersecurity teams, along with independent cybersecurity experts, were still working to restore services, stressing the situation was now “under control”, with investigations under way.
The chain first announced last Saturday that its electronic payments, except via Octopus, had been disrupted across its 400 stores in Hong Kong, and confirmed the next day that it was suffering from network issues.
It said at the time that it could not rule out a possible cyberattack.
In a statement on Friday night, a company spokesman confirmed that the incident was caused by a network attack and apologised to affected customers, but did not state whether any customer data had been compromised.
Advertisement
The company said that while all stores remained open for business, electronic payments and some services such as parcel collection, e-wallet top-ups, bill payments and its member rewards programme remained unavailable.
Octopus card-related services and cash transactions were, however, still available.