Cathay Pacific fined by UK watchdog over massive data breach

Cathay Pacific admitted the huge data breach in October 2018
Cathay Pacific admitted the huge data breach in October 2018

Hong Kong carrier Cathay Pacific has been fined HK$5 million by Britain's privacy watchdog over a huge data leak of more than nine million customers including passport numbers and credit card details.

The Information Commissioner's Office (ICO) said in a statement on Wednesday it has ordered the airline to pay 500,000 pounds (US$644,000) for "failing to protect the security of its customers' ".

Between October 2014 and May 2018, a lack of security measures on the carrier's computer systems led to a data breach involving more than 9.4 million customers around the world, according to the ICO.

"People rightly expect when they provide their to a company, that those details will be kept secure to ensure they are protected from any potential harm or fraud," Steve Eckersley, ICO Director of Investigations said. "That simply was not the case here."

He added that multiple serious deficiencies they found "fell well below" standard and the airline failed to satisfy four out of five of the National Cyber Security Centre's basic guidance points.

The Hong Kong-based airline in October 2018 admitted that about 860,000 passport numbers, 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers with no card verification value (CVV) were accessed.

Other compromised passenger data included nationalities, dates of birth, phone numbers, emails, and physical addresses.

Cathay said in a statement it wanted to "express its regret, and to sincerely apologise" for the breach, adding it had taken measures to enhance its IT security and spent "substantial amounts" on computing infrastructure.

The airline's share price was up more than two percent on Thursday afternoon.

© 2020 AFP

Citation: Cathay Pacific fined by UK watchdog over massive data breach (2020, March 5) retrieved 28 March 2024 from https://techxplore.com/news/2020-03-cathay-pacific-fined-uk-watchdog.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Cathay says 'most intense' period of data breach lasted months

4 shares

Feedback to editors