Ngong Ping 360 Reports Ransomware Attack and Data Breach

Ngong Ping 360, the operator of a major cable car attraction in Hong Kong, reports a ransomware attack on February 27, 2026. 

The company detected issues in its internal network on February 26 and confirmed that attackers stole data and issued a ransom demand. This internal network is separate from the cable car's operational technology and electronic payment systems, which prevented any disruption to service safety or ticketing transactions.

The compromised data includes:

• Full names of staff, annual pass holders, and tenants
• Contact details including phone numbers and email addresses
• Information on suppliers and Ngong Ping Village tenants
• Marketing campaign participants and mailing lists

The number of affected individuals is not disclosed. The company claims that no credit card or electronic payment data was stored on the affected systems.

The incident was reported to the Hong Kong Police and the Office of the Privacy Commissioner for Personal Data.

The cable car service remains operational. Security experts advise affected guests and staff to watch for phishing emails or fraudulent calls using their stolen contact details.