Cyberport is being blackmailed by a ransomware group that has hacked its computer system and purportedly stolen and encrypted its data, sources said on Thursday.

The hackers are said to be demanding the technology park pay a ransom of US$300,000 to get back access to 400GB of its data, which reportedly includes personal information and photos of identity cards.

The hacker group, Trigona, is also believed to be threatening to make the data public if Cyberport doesn't pay up.

Anthony Lai, a malware analyst from Valkyrie-X Security Research, said Cyberport has been given until Tuesday to pay the ransom.

But Lai said Cyberport may not get back into its data, even if it pays the hackers.

"It is not guaranteed they will provide a legitimate decryptor for the files," he told RTHK.

"They could use the ransom money to compensate the victims instead of paying the attackers."

The park in Pokfulam has not confirmed it is being blackmailed, but said earlier that it had informed the police of a "cyber security incident" involving unauthorised access to its computer system.

Cyberport said it has shut down affected equipment and launched a thorough investigation with the help of independent cyber security experts.

Lai agreed that a comprehensive review is needed for Cyberport to plug its security loophole.

"Maybe the protocol for remote access is not secure or configured properly, such that Trigona gained access to the internal network," he said, adding that it is also possible that the group sent Cyberport employees phishing emails.

He added that the authorities could follow Singapore's lead and penalise companies over data leaks, to give firms a higher incentive to safeguard sensitive information.