Cathay Pacific data breach exposed 9.4m customers’ details

Hong Kong carrier apologizes for security incident

A security breach at airline Cathay Pacific has exposed the data of up to 9.4 million passengers.

Names, passport numbers, email addresses, birth dates, and identity card numbers were among the information accessed by hackers.

Other data accessed included 403 expired credit card numbers and 27 credit card numbers with no CVV.

The Hong Kong-based carrier did not go into further detail about how the incident happened.

A statement on Cathay Pacific’s website stated there was “no evidence” the information has been misused.

“We are very sorry for any concern this data security event may cause our passengers,” said CEO Rupert Hogg.

“We have no evidence that any personal data has been misused. No-one’s travel or loyalty profile was accessed in full, and no passwords were compromised.”

Hong Kong Police has been notified, and the company said it is contacting the relevant authorities.

Hogg also claimed Cathay Pacific is enhancing its security measures.

Turbulent times

Sam Curry, chief security officer at Cybereason, told The Daily Swig: “The Cathay Pacific breach is a clear indication that the airline industry has a target on its back, given that British Airways and Air Canada have also been in the news in recent months for material breaches of customer data and personal information.

“Collectively, black hat hackers are patient and their persistence means they are likely to be successful 100 percent of the time when they attempt to breach a system.

“This stacks the cards against the defenders, meaning that Cathay, and the airline industry as a whole, needs to rethink their strategy around network detection and start taking the fight to the hacker by going on the offensive with more advanced technologies and services that will stop threats before they can materialize.”

The incident comes just a month after a breach at British Airways leaked the personal data and payment card details of 380,000 people.

Rogue JavaScript code planted on the carrier’s online payment page was blamed for the hack, which took place over 15 days between August and September.

Security firm RiskIQ cited hacking group Magecart as responsible for the incident.

Magecart was also blamed for the July Ticketmaster breach, which exposed 40,000 customers’ card details.