Revealed late on Wednesday 24th October, Cathay Pacific announced that data of about 9.4 million passengers had been accessed without authorisation.
The company has detected suspicious activities since March this year and according to the airline, 860,000 passport numbers, about 245,000 Hong Kong ID numbers, 403 expired credit card numbers and 27 credit card numbers with no card verification value (CVV) were accessed in the breach.
“We are very sorry for any concern this data security event may cause our passengers,” said Rupert Hogg, the airline’s chief executive. “We acted immediately to contain the event, commence a thorough investigation with the assistance of a leading cyber security firm, and to further strengthen our IT security measures.”
It is said that Cathay Pacific doesn’t yet have evidence of any misuse of passengers data, but 9,4 million passengers personal info being leaked is a huge issue.
The following personal data was accessed: passenger name; nationality; date of birth; phone number; email; address; passport number; identity card number; frequent flyer programme membership number; customer service remarks; and historical travel information.
In addition, 403 expired credit card numbers were accessed. Twenty-seven credit card numbers with no CVV were accessed. The combination of data accessed varies for each affected passenger.
It said that the Hong Kong Police had been notified about the breach, here’s to hope that Cathay Pacific can resolve this as soon as possible. Even they’ve publicly claim that no passenger’s information has been compromised so far, but they are also proactively making contacts with passengers that have been effected ?