The third annual “BugHunting Campaign”, jointly organised by the Hong Kong Police Force, the Office of the Privacy Commissioner for Personal Data, and Cyberbay, a crowdsourced cybersecurity company, has concluded successfully. The Awards Gala was held on October 3, 2025 at The Langham Hong Kong, with a total of 55 organizations that successfully remediate vulnerabilities within the given timeframe or demonstrated a solid cybersecurity foundation were awarded with digital badges recognizing their commitment to cybersecurity excellence.
“BugHunting 2025”was conducted over eight consecutive weeks from July to August this year. Through network vulnerability detection, it helped participating organisations understand their cybersecurity status and provided free one-on-one professional consultation to establish a more robust defense system. This year, a total of 185 organisations participated, a 20% increase compared to last year. Approximately 40% of them were startups or local small and medium-sized enterprises (SMEs), while 20% were non-profit organisations or public institutions. The participating organisations covered industries such as finance, technology, tourism, healthcare, education, and manufacturing, reflecting the growing emphasis on cybersecurity across various sectors in Hong Kong.
Through the collaboration of AI technology and cybersecurity experts, 223 vulnerabilities were identified across the participating organizations, a 150% increase compared to the previous year. Of these, 3% were classified as critical and 1% as high-risk. Over 90% of the participating organizations exhibited vulnerabilities. After technical tests, participating organizations received multiple remediation recommendations on average, half of which were high-priority improvements, such as enhancing customer data protection, securing business accounts, and preventing phishing emails.
“BugHunting 2025” is an annual cybersecurity initiative designed to bolster the digital safety of Hong Kong’s business landscape. By uniting corporations, cybersecurity experts, and regulatory bodies, the campaign works proactively to identify and remediate vulnerabilities, enhance defensive capabilities, and promote a robust culture of cybersecurity.
The following is a list of badge-winning organisations (in no particular order):
Badge-winner
| AKA | Hospital Authority | YMCA of Hong Kong |
| Bank Consortium Trust Company Limited | JS Global Lifestyle Company Limited | 基督教香港信義會 |
| Animomo Limited | Link-Ages Collaborative Careforce | Jacobson van den Berg (Hong Kong) Ltd |
| Bank of China Group Insurance Co. Ltd | MTR Corporation Limited | Wah Sum Electrical Engineering Supplies Ltd |
| Citybase Property Management Limited | MyTV Super Limited | Yip's Chemical Holdings Limited |
| Competition Commission | Vanke Holdings (Hong Kong) Company Limited | iHashing |
| Daikin Airconditioning (Hong Kong) Ltd. | Our Hong Kong Foundation | Henderson Land Development Company Limited |
| Butler | Nano Insurance | Alva Hotel by Royal |
| ECT Eichi Technology International Limited | Post Easy King Limited | BeeShared |
| Deacons | Rakuten Securities Hong Kong Limited | FICO International Ltd |
| Go4fiber | Swire Coca-Cola Ltd | HKU SPACE |
| Fubon Securities HK | Snaildy Education Limited | IPP International Wealth Management Limited |
| Hip Shing Hong (Holdings) Company Limited | The YMCA of Hong Kong | Just Chat AI |
| Hankyu Hanshin Express (HK) Ltd. | The Hong Kong Federation of Youth Groups | KHI Management Ltd. |
| Hong Kong Broadband Network Limited | Tung Yick Hats Factory Ltd. | Lost HK |
| The Hong Kong University of Science and Technology | The Hong Kong Society for the Aged | Reimagine Cyberbay Ltd |
| Hong Kong Chronicles Institute | Thinking Technology Limited | The Hong Kong Academy of School Managers Limited |
| Hong Kong Examinations and Assessment Authority |
| AKA |
| Alva Hotel by Royal |
| Animomo Limited |
| Bank Consortium Trust Company Limited |
| Bank of China Group Insurance Co. Ltd |
| BeeShared |
| Butler |
| Citybase Property Management Limited |
| Competition Commission |
| Daikin Airconditioning (Hong Kong) Ltd. |
| Deacons |
| ECT Eichi Technology International Limited |
| FICO International Ltd |
| Fubon Securities HK |
| Go4fiber |
| Hankyu Hanshin Express (HK) Ltd. |
| Henderson Land Development Company Limited |
| Hip Shing Hong (Holdings) Company Limited |
| HKU SPACE |
| Hong Kong Broadband Network Limited |
| Hong Kong Chronicles Institute |
| Hong Kong Examinations and Assessment Authority |
| Hospital Authority |
| iHashing |
| IPP International Wealth Management Limited |
| Jacobson van den Berg (Hong Kong) Ltd |
| JS Global Lifestyle Company Limited |
| Just Chat AI |
| KHI Management Ltd. |
| Link-Ages Collaborative Careforce |
| Lost HK |
| MTR Corporation Limited |
| MyTV Super Limited |
| Nano Insurance |
| Our Hong Kong Foundation |
| Post Easy King Limited |
| Rakuten Securities Hong Kong Limited |
| Reimagine Cyberbay Ltd |
| Snaildy Education Limited |
| Swire Coca-Cola Ltd |
| The Hong Kong Academy of School Managers Limited |
| The Hong Kong Federation of Youth Groups |
| The Hong Kong Society for the Aged |
| The Hong Kong University of Science and Technology |
| The YMCA of Hong Kong |
| Thinking Technology Limited |
| Tung Yick Hats Factory Ltd. |
| Vanke Holdings (Hong Kong) Company Limited |
| Wah Sum Electrical Engineering Supplies Ltd |
| Yip's Chemical Holdings Limited |
| YMCA of Hong Kong |
| 基督教香港信義會 |
