Cathay Pacific data breach affects 9.4 million passengers
In one of the worst data breaches in history to hit the airline industry, Cathay Pacific Airways revealed on October 24, 2018, that the personal information of up to 9.4 million passengers of the airline and its unit Hong Kong Dragon Airlines (or “Cathay Dragon”) were hacked earlier this year.
“I would like to personally inform you that we discovered unauthorized access to the passenger data of up to 9.4 million people,” Cathay Pacific CEO Rupert Hogg said in a video message posted on the company’s website on October 25, 2018, updating the airline’s passengers.
In an earlier statement, Cathay said it had discovered the data breach “as part of its ongoing IT security processes”. Apparently, the company initially discovered suspicious activity on its network back in March 2018.
Following investigations, in May 2018, the company was able to confirm that certain personal data had been accessed without authorization, CNN reports. It had since been been analyzing the data to identify which passengers were affected.
“Upon discovery, we acted immediately to contain the event and thoroughly investigate. We engaged one of the world’s leading cybersecurity firms to assist us and we further strengthened our IT security measures too,” Hogg assured.
Cathay said the accessed data includes passenger names, nationalities, dates of birth, telephone numbers, emails and addresses, passport numbers, identity card numbers and historical travel information.
So far it is known that a total of 860,000 passport numbers, about 245,000 Hong Kong identity card numbers, as well as 403 expired credit card numbers and 27 credit card numbers with no card verification value (CVV) were accessed in the breach, Reuters reports. According to the carrier, however, the combination of data accessed varies from passenger to passenger.
What will be a definite sigh of relief for Cathay’s customers is that, according Hogg, no passwords or miles were compromised in the breach: “We have no evidence that any personal data has been misused. No-one’s travel or loyalty profile was accessed in full, and no passwords were compromised.”
Cathay Pacific has repeatedly apologized for the “concern” caused to passengers by the hack. The company stated it had notified the Hong Kong Police and relevant authorities and was contacting affected passengers.
Cathay's embarrassing passenger data breach comes only a month after British Airways revealed that credit card details of about 380,000 of its customers were stolen over a two-week period between August 21, 2018, and September 5, 2018.
Emirates says Omicron could bring ‘significant traumas’ for aviation industry
Emirates airline president Tim Clark fears Omicron could seriously harm the aviation business if it impacts Decembe...
Israel to close borders to foreigners over new strain of virus
Israel will close its borders to all foreigners in an attempt to stop the spread of the Omicron variant of the COVID-19...
Australia scraps plan for Antarctica concrete runway amid environmental concerns
Australia abandons plans to build Antarctica’s first airport with a concrete runway...