Cathay Pacific data breach affecting 9.4 million passengers

Cathay Pacific Airways Limited, the flag carrier of Hong Kong, had suffered a major data leak affecting up to 9.4 million passengers.

Cathay Pacific Airways Limited, the flag carrier of Hong Kong, admitted having suffered a major data leak affecting up to 9.4 million passengers.

Exposed data includes passport numbers, identity card numbers, email addresses, and credit card details were accessed, information exposed varies for each affected passenger.

“As part of our ongoing IT security processes, we have discovered unauthorised access to some of our passenger data.  Upon discovery, we took immediate action to contain the event, and further strengthen our IT security measures.” reads the official statement published by the airline.

The IT staff at Cathay discovered an unauthorized access of systems containing the passenger data of up 9.4 million people. Hackers also accessed 403 expired credit card numbers and twenty-seven credit card numbers with no CVV were accessed.

The company is notifying the affected passengers through multiple channels.

“We are in the process of contacting affected passengers, using multiple communications channels, and providing them with information on steps they can take to protect themselves,” said Cathay Pacific Chief Executive Officer Rupert Hogg.

“We have no evidence that any personal data has been misused.”

“The following personal data was accessed: passenger name, nationality, date of birth, phone number, email, address, passport number, identity card number, frequent flyer programme membership number, customer service remarks, and historical travel information.” Hogg added.

The company immediately reported the incident to the authorities and launched an investigation.

At the time there is no news about financial compensation for affected passengers.

Anyone who believes they may be affected can contact Cathay Pacific in the following ways:

• Via the dedicated website – infosecurity.cathaypacific.com – which provides information about the event and what to do next
• Via Cathay Pacific’s dedicated call centre available after 12:30/25OCT (GMT+8) (toll free numbers are available on infosecurity.cathaypacific.com)
• Email Cathay Pacific at infosecurity@cathaypacific.com

Recently, personal and payment card information of 380,000 British Airways customers were stolen by MageCart hackers, and the company pledged to compensate customers.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Cathay Pacific, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]