Cathay admits breach lasted months

Source: Xinhua | 2018-11-14

THE world’s biggest airline data breach, affecting millions of Cathay Pacific customers, was the result of a sustained cyber attack that ran for three months, the carrier has admitted, while insisting it was on alert for further intrusions.

The Hong Kong-based company was subjected to continuous breaches that were at their “most intense” from March to May but continued after, it said in a written submission to the city’s Legislative Council ahead of a panel hearing today.

It also looked to explain why it took until October 24 to reveal that 9.4 million passengers had been affected, with hackers getting access to personal information including dates of birth, phone numbers and passport numbers.

Cathay said that while the number of successful attacks had diminished, it remained concerned as “new attacks could be mounted.”

“Cathay is cognisant that changes in the cyber security threat landscape continue to evolve at pace as the sophistication of the attackers improves,” it said.

“Our plans, which include growing our team of IT security specialists, will necessarily evolve in response to this challenging environment.”

It said that the nature of the attacks, the enormous amount of investigative work and the process to identify stolen data, contributed to the length of time between initial discovery and public disclosure.

Hong Kong-listed shares in the company were up 0.57 percent in early afternoon trade.

The city’s Privacy Commissioner for Personal Data said last week it was investigating the carrier over the hack and why it took so long to tell customers. The airline admitted about 860,000 passport numbers, 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers with no card verification value were accessed, but insisted that there was no evidence that personal data has been misused.

“No passenger’s travel or loyalty profile was accessed in full, and no passenger passwords were compromised,” it said.

The company has apologized to passengers affected and said it was helping them to protect themselves.