Millions of Passengers’ Data Hacked in Airline Hit

Oct 25, 2018 | Blog

One of Asia’s top airlines, Cathay Pacific Airways, said a hacker accessed personal information of 9.4 million customers, becoming the target of the world’s biggest airline data breach.

Oh boy.

The airline’s shares sank dramatically, shaving $201 million off its market value, after the Hong Kong-based carrier disclosed the unauthorized access late Wednesday, 7 months after discovering the violation. While passports, addresses and emails were exposed, flight safety wasn’t compromised and there was no evidence any information has been misused, it said, without revealing details of the origin of the attack.

“This is quite shocking,” said Shukor Yusof, founder of aviation consulting firm Endau Analytics in Malaysia. “It’s probably the biggest breach of information in the aviation sector.”

“We are very sorry for any concern this data security event may cause our passengers,” CEO Rupert Hogg said in a statement. The airline is in the process of contacting affected people, he added.

It’s the latest embarrassing data breach to hit a major international airline. British Airways said the hack on its system lasted for more than 2 weeks during the months of August and September, compromising credit-card data of some 380,000 customers. Delta said in April that a cyberattack on a contractor last year exposed the payment information of “several hundred thousand customers.”

The hackers who hit Cathay gained access to 27 credit card numbers but without the cards’ security codes, and another 403 expired credit card numbers. They also accessed names, nationalities, dates of birth, telephone numbers, emails, physical addresses, numbers for passports (roughly 860,000), identity cards and frequent-flier programs, and historical travel information according to the airline.

“Upon discovery, we acted immediately to contain the event and to thoroughly investigate,” Hogg said. “We engaged one of the world’s leading cybersecurity firms to assist us, and we further strengthened our IT security systems, too.”

Hong Kong’s privacy commissioner expressed serious concern over the leak and said the office will initiate a compliance check with the airline. A dedicated website provides information about the event and what affected passengers should do next.

Some local lawmakers criticized Cathay for taking so long to reveal the breach. Lam Cheuk-ting, a member of the Legislative Council’s security committee, told reporters that many people in Hong Kong are angry and the airline should’ve taken the initiative the very first day it found out. Cathay’s Chief Customer and Commercial Officer, Paul Loo, said the airline wanted to have accurate grasp on the situation and didn’t wish to “create unnecessary panic.”

Cathay is in the midst of a 3-year transformation program, as part of which Hogg has reduced jobs starting with the carrier’s head office in Hong Kong to cut costs and introduced better business-class services on long-haul flights to help lure premium passengers.

Cathay was ranked as the 6th best airline in the world this year by Skytrax, a London-based firm that provides advisory services for carriers and airports.

As I wrote earlier this month, IT problems in the airline industry seem to be growing. And while the causes are complex, when an airline cancels your flight and blames technology, you can’t accept it with a shrug. It sounds like they need to be introduced to an unbeatable IT service with decades of experience and demonstrated expertise to solve their problems…

Contact us.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation


Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!


Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523