What is the official website of HKT ?

The official website of HKT is http://www.hkt.com.

What is HKT's cybersecurity risk score?

HKT has an AI-generated cybersecurity risk score of 784 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has HKT experienced?

According to Rankiteo, HKT currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has HKT been affected by any supply chain cyber incidents ?

According to Rankiteo, HKT has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does HKT have SOC 2 Type 1 certification ?

According to Rankiteo, HKT is not certified under SOC 2 Type 1.

Does HKT have SOC 2 Type 2 certification ?

According to Rankiteo, HKT does not hold a SOC 2 Type 2 certification.

Does HKT comply with GDPR ?

According to Rankiteo, HKT is not listed as GDPR compliant.

Does HKT have PCI DSS certification ?

According to Rankiteo, HKT does not currently maintain PCI DSS compliance.

Does HKT comply with HIPAA ?

According to Rankiteo, HKT is not compliant with HIPAA regulations.

Does HKT have ISO 27001 certification ?

According to Rankiteo,HKT is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does HKT operate in ?

HKT operates primarily in the Software Development industry.

How many employees does HKT have ?

HKT employs approximately 7,955 people worldwide.

Does HKT own any subsidiaries ?

HKT presently has no subsidiaries across any sectors.

How many LinkedIn followers does HKT have ?

HKT's official LinkedIn profile has approximately 38,946 followers.

What is the NAICS classification code for HKT ?

HKT is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does HKT have a Crunchbase profile ?

No, HKT does not have a profile on Crunchbase.

Does HKT have a LinkedIn profile ?

Yes, HKT maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/hkt.

How many cybersecurity incidents has HKT experienced ?

As of June 30, 2026, Rankiteo reports that HKT has not experienced any cybersecurity incidents.

How many peer or competitor companies does HKT have ?

HKT has an estimated 30,224 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

HKT

Boost Score +25 with badge (5 left)

784

/1000

Fair

809

/1000

Good

HKT Vendor Cyber Rating & Cyber Score

hkt.com

Add Your Compliance Badge

HKT is a technology, media, and telecommunication leader with more than 150 years of history in Hong Kong. As the city’s true 5G provider, HKT connects businesses and people locally and globally. Our end-to-end enterprise solutions make us a market-leading digital transformation partner of choice for businesses, whereas our comprehensive connectivity and smart living offerings enrich people‘s lives and cater for their diverse needs for work, entertainment, education, well-being, and even a sustainable low-carbon lifestyle. Together with our digital ventures which support digital economy development and help connect Hong Kong to the world as an international financial centre, HKT endeavours to contribute to smart city development and help

HKT A.I CyberSecurity Scoring

Scoring History

HKT

HKT CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

HKT Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for HKT

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for HKT in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for HKT in 2026.

Incident Types HKT vs Software Development Industry Avg (This Year)

No incidents recorded for HKT in 2026.

Incident History - HKT (X = Date, Y = Severity)

Loading…

SUBSIDIARY

HKT Subsidiaries

HKT

Software Development

Website: http://www.hkt.com

Company Size: 7,955

PCCW GLOBAL LimitedTelecommunications

Console ConnectTelecommunications

PCCWSoftware Development

HKT Enterprise SolutionsTelecommunications

1O1O Corporate SolutionsTelecommunications

HKT Digital Ventures - Digital CommerceTechnology, Information and Internet

HKT TeleservicesTelecommunications

Loading…

HKT Similar Companies

PayPal

paypal.com

We're championing possibilities for all by making money fast, easy, and more enjoyable. Our hope is to unlock opportunities for people in their everyday lives and empower the millions of people and businesses around the world who trust, rely, and use PayPal every day. For support, visit the PayPal Help Center. https://payp.al/help For employment opportunities, check out our job openings in the 'Jobs' tab. We're an equal opportunity employer that welcomes diversity, and offer generous benefits to help you thrive at work and in your free time. NMLS#910457: https://nmlsconsumeraccess.org/

UKG

ukg.com

UKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. It's this expertise that equips our customers with the intelligence to solve any challenge in any industry — because great organizations know their workforce is their competitive edge.

Nielsen

cb nlsn.co

Nielsen shapes the world’s media and content as a global leader in audience insights, data and analytics. Through our understanding of people and their behaviors across all channels and platforms, we empower our clients with independent and actionable intelligence so they can connect and engage with their audiences—now and into the future. Nielsen operates around the world in more than 55 countries. Learn more at http://nlsn.co/6006JMfty and connect with us on social media (LinkedIn, Twitter, Facebook and Instagram).

PedidosYa

pedidosya.com

We’re the delivery market leader in Latin America. Our platform connects over 77.000 restaurants, supermarkets, pharmacies and stores with millions of users. Nowadays we operate in more than 500 cities in Latinamerica. And we are now over 3.400 employees. PedidosYa is available for iOS, Android and Windows Phone operating systems and downloads are now over 20 million.

Xiaomi Technology

cb mi.com

Xiaomi Corporation was founded in April 2010 and listed on the Main Board of the Hong Kong Stock Exchange on July 9, 2018 (1810.HK). Xiaomi is a consumer electronics and smart manufacturing company with smartphones and smart hardware connected by an IoT platform at its core. Embracing our vision of “Make friends with users and be the coolest company in the users’ hearts”, Xiaomi continuously pursues innovations, high-quality user experience and operational efficiency. The company relentlessly builds amazing products with honest prices to let everyone in the world enjoy a better life through innovative technology. Xiaomi is one of the world's leading smartphone companies. The company has also established the world’s leading consumer AIoT (AI+IoT) platform,reached 558 million smart devices connected to its platform (excluding smartphones,laptops and tablets) as of September 30 2022. Xiaomi products are present in more than 100 countries and regions around the world. In August 2022, Xiaomi was included in the Fortune Global 500 list for the fourth year in a row, ranking 266th. The company is the fastest-rising Chinese technology conglomerate during the four-year period. Xiaomi is a constituent of the Hang Seng Index, Hang Seng China Enterprises Index, Hang Seng TECH Index and Hang Seng China 50 Index.

PhonePe

cb phonepe.com

PhonePe Group is India’s leading fintech company, proudly recognized as India’s #1 Trusted Digital Payments* Brand for three consecutive years. Our flagship product, the PhonePe app was launched in August 2016, has rapidly become the preferred consumer payments app in India. In just eight years, PhonePe has gained over 57 crore + registered users and established a digital payments acceptance network of over 4 crore+ merchants spread across Tier 2,3 cites and beyond, covering 99% of the postal codes in the country. Building on our leadership in digital payments, PhonePe Group has expanded into financial services—including insurance, lending, and wealth management—along with new consumer tech ventures such as Pincode, a hyperlocal ecommerce platform, Indus App Store - India’s first localized app store, and Share.Market- A wealth and investment platform (app & website), catering to investors and traders needs. Headquartered in India, PhonePe Group aligns its diverse portfolio of businesses with our vision We're committed to empowering every Indian by unlocking the flow of money and providing equal access to easy & secure payments and financial services.

Sage

sage.com

At Sage, we knock down barriers with information, insights, and tools to help your business flow. We provide businesses with software and services that are simple and easy to use, as we work with you to give you that feeling of confidence. Customers trust our Payroll, HR, and Finance software to make business flow with ease. From our local network of experts to our ever-growing partnerships, we are on hand to give you all the insights you need to thrive. 💚

Google

cb goo.gle

A problem isn't truly solved until it's solved for all. Googlers build products that help create opportunities for everyone, whether down the street or across the globe. Bring your insight, imagination and a healthy disregard for the impossible. Bring everything that makes you unique. Together, we can build for everyone. Check out our career opportunities at goo.gle/3DLEokh

VMware

cb broadcom.com

Broadcom's VMware software manages cloud complexity so customers can modernize infrastructure, accelerate app development, and protect workloads, wherever these reside. Our flagship cloud solutions provide the security and performance of private cloud combined with the scale and agility of public cloud. Modern app, edge infrastructure, and private AI products extend these capabilities, while security and disaster recovery help ensure that customers’ operations continue uninterrupted. From the data center to the cloud and apps to the edge, we help enterprises around the globe become more innovative, connected, resilient and secure.

Loading…

NEWS

HKT CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

December 22, 2025 04:45 AM

Cyberport unites with the Government and industry to build AI-powered cybersecurity shield for Hong Kong

Hong Kong is strengthening its digital defences as Government, industry and technology leaders join forces to confront a rapidly evolving...

Read Article

November 11, 2025 08:00 AM

Adama Builds With GoDaddy Airo

For Adama Fall, football is more than a sport - it's a platform. With roots in Senegal and a master's degree in Cybersecurity underway at...

Read Article

November 11, 2025 08:00 AM

AI agents open door to new hacking threats

Cybersecurity experts are warning that artificial intelligence agents, widely considered the next frontier in the generative AI revolution,...

Read Article

November 07, 2025 08:00 AM

The 18th JCB World Conference Held in Incheon, Republic of Korea

The 18th JCB World Conference Held in Incheon, Republic of Korea. 168 Partner Companies from 24 Countries and Regions Gather to Explore the...

Read Article

November 04, 2025 08:00 AM

BlackBerry and Universiti Kebangsaan Malaysia Announce Strategic Partnership to Advance Malaysia's Future Cyber-Defenders and Embedded Software Talent

BlackBerry Limited (NYSE:BB)(TSX:BB) and Universiti Kebangsaan Malaysia (UKM) today signed a Memorandum of Understanding (MOU), announcing a...

Read Article

October 30, 2025 07:00 AM

Decent Cybersecurity Highlights Slovakia's Tech Leadership at the EU-NZ Business Summit

Auckland, New Zealand, Oct 30, 2025 - (ACN Newswire) - At the inaugural European Union – New Zealand Business Summit, Decent Cybersecurity represented...

Read Article

October 22, 2025 07:00 AM

Malaysia Expands Deployment of BlackBerry Secure Communications for the 46th and 47th ASEAN Summits

Malaysia Expands Deployment of BlackBerry Secure Communications for the 46th and 47th ASEAN Summits. Malaysia modernizes mobile command and...

Read Article

October 17, 2025 07:00 AM

US-China trade war: America 'bans' Hong Kong's biggest telecom company; cites national security concerns

Tech News News: US regulators are probing Hong Kong telecom giant HKT, controlled by PCCW, over national security concerns.

Read Article

October 16, 2025 07:00 AM

FCC Set to Reverse Course on Telecom Cybersecurity Mandate

The Federal Communications Commission will vote next month to rescind a controversial January 2025 Declaratory Ruling that attempted to...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-8023

SUMMARY

Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM is enabled) that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-controlled request path into client-url_buffer (assembled in on_url() for HTTP/1 and copied verbatim from the :path pseudo-header for HTTP/2) without resolving ./.. segments. The static-FS handler then built the on-disk filename by directly concatenating the configured root with that raw URL (snprintk(fname, ..., "%s%s", static_fs_detail-fs_path, client-url_buffer) at http_server_http1.c:603 and http_server_http2.c:490) and opened it with fs_open(fname, FS_O_READ). Because the handler is reached via wildcard/leading-dir (fnmatch FNM_LEADING_DIR) or fallback resource matching, a request such as GET /<prefix/../../<file is dispatched to the handler and, after the underlying filesystem (e.g. LittleFS/FAT) resolves the .. segments, escapes the configured web root, letting an unauthenticated remote client read arbitrary readable files on the mounted volume (information disclosure). The HTTP server requires no TLS or authentication to reach this path. The fix adds http_server_remove_dot_segments(), which canonicalizes the path portion of the URL before resource lookup in both protocol handlers, neutralizing the traversal. Affects releases v4.0.0 through v4.4.0 for deployments that register a static-filesystem resource.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 7.5)

cvss3

Base Score: 7.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score

3.6

Exploitability

3.9

REFERENCES

CVE-2026-7656

SUMMARY

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was '((length/hop/source/target checks) && (icmp_hdr-code != 0))'. Because every legitimate ND message carries ICMPv6 code 0, an attacker setting code == 0 (the normal value) caused the entire predicate to evaluate false, so the packet was never dropped and all of the other checks were silently skipped. The bypassed checks include the mandatory Hop Limit == 255 verification (which proves an ND packet originated on-link and was not forwarded) and, for Router Advertisements, the requirement that the source be a link-local address, as well as multicast-target sanity checks. As a result, an adjacent on-link attacker — and, because the Hop-Limit-255 guard is bypassed, potentially a remote/off-link attacker whose packets would otherwise be rejected — can have forged Router Advertisement, Neighbor Solicitation, and Neighbor Advertisement messages accepted. A forged RA lets the attacker reconfigure the victim's default router, on-link prefixes (SLAAC), MTU, reachable/retransmit timers, and (with CONFIG_NET_IPV6_RA_RDNSS) DNS servers, while forged NS/NA enable neighbor-cache poisoning, enabling man-in-the-middle, traffic redirection, and denial of service. The flaw is an input-validation/authentication weakness rather than a memory-safety issue: the underlying packet-parsing primitives (net_pkt_get_data, net_pkt_read, net_pkt_skip) are independently bounds-safe and the validated 'length' is the true buffer length, so skipping the length check causes no out-of-bounds access. The defect has existed since the logic was introduced in 2018 and shipped in all releases through v4.4.0; it is fixed by splitting the condition so any failing check drops the packet.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 8.1)

cvss3

Base Score: 8.1

Complexity: LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Impact Score

5.2

Exploitability

2.8

REFERENCES

CVE-2026-51219

SUMMARY

A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

CVE-2026-51218

SUMMARY

A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

CVE-2026-10648

SUMMARY

mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before checking it for NULL. smp_packet_alloc() uses net_buf_alloc(K_NO_WAIT) against the shared MCUmgr packet pool (CONFIG_MCUMGR_TRANSPORT_NETBUF_COUNT, default 4), which returns NULL when the pool is exhausted. In default builds the __ASSERT_NO_MSG in net_buf_reset is a no-op, so net_buf_simple_reset writes through the NULL pointer (buf->len = 0; buf->data = buf->__buf), causing a fault/crash. The fragment data reaches this code from attacker-controlled bytes on the MCUmgr serial/UART/shell-console transports (smp_uart.c, smp_raw_uart.c, smp_shell.c), and a fresh buffer is allocated at the start of essentially every new packet. An attacker on the serial/console link can flood the transport to drive the 4-entry buffer pool to exhaustion and induce the NULL dereference, crashing the device (denial of service). The defect was introduced after the original MCUmgr rework and shipped in Zephyr v4.4.0. The fix moves the NULL check ahead of net_buf_reset.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 6.2)

cvss3

Base Score: 6.2

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score

3.6

Exploitability

2.5

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…