Cathay Pacific Admits Cyber-Attack

Questions have been raised about Cathay Pacific’s incident response after new details emerged about the world’s biggest airline data breach.

The Hong Kong carrier had originally claimed last month that it “discovered unauthorised access” to data on 9.4 million passengers and “took immediate action to investigate and contain the event.” 

Reports at the time suggested that the firm first found evidence of the activity in March and confirmed data had been accessed two months later.

That would have been bad enough, but in a new filing to the Hong Kong legislature (LegCo) this week the airline admitted that after discovering the initial suspicious activity it “was subject to further attacks which were at their most intense in March, April and May but continued thereafter.”

“These ongoing attacks meant that internal and external IT security resources had to remain focused on containment and prevention,” it continued. “They also expanded the scope of potentially accessed data, making the challenge of understanding it more lengthy and complex…”

Under local laws, Cathay wasn’t mandated to notify the authorities immediately of a breach, but the fact that it couldn’t work out until August which passenger data had been accessed or exfiltrated will raise some eyebrows.

The SAR’s privacy commissioner said last week that it was launching a compliance investigation into the firm’s handling of the breach, and new data protection laws may be rolled out in the city-state.

The airline is said to be working with 27 regulators in 15 jurisdictions following the incident, although it could escape GDPR investigation given the initial intrusion was discovered in March.

The airline's assurance that there’s been no evidence of misuse of the stolen data is meaningless, according to High-Tech Bridge CEO, Ilia Kolochenko.

“Worse, it may mean that someone very smart is exploiting the data in a non-trivial way, and probably very detrimental for the victims. Moreover, the stolen data can appear for sale on the black market at any time,” he added.

“Taking into consideration the gravity of the breach, customers of Cathay will likely have no reliable recourse apart from promptly changing all their credit cards and IDs. Cathay may face numerous class actions and individual lawsuits from disgruntled customers, in parallel with severe monetary sanctions imposed by regulators from different countries.”

Infosecurity Magazine:

You Might Also Read:

British Airways Hack Was Much Bigger Than First Admitted:

 

« Maritime Cybersecurity Takes A Big Step Forward
The GDPR Disclosure Problem »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSIRT.CZ

CSIRT.CZ

CSIRT.CZ is the National Computer Security Incident Response Team of the Czech Republic.

Forcepoint

Forcepoint

Forcepoint provide a unified, cloud-centric platform that safeguards users, networks and data while eliminating the inefficiencies of managing multiple point security products.

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

Woz U

Woz U

Woz U provides best-in-class technology training for Learners, Higher-Ed and Corporations. We focus on the most in-demand occupations such as Software Development, Data Science and Cyber Security.

Sandline Discovery

Sandline Discovery

Sandline Discovery provides digital forensics, eDiscovery solutions, managed review and litigation consulting services.

Uhuru Corp

Uhuru Corp

Uhuru offers a wide variety of IoT products and solutions including enebular® IoT Orchestration Service.

Cequence Security

Cequence Security

Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection.

Data Security Inc

Data Security Inc

Data Security, Inc. is the leading American manufacturer and supplier of hard drive degaussers, magnetic tape degaussers as well as hard drive and solid state destruction devices.

Melius Cyber Security

Melius Cyber Security

Melius Cyber Security has developed a world-leading SaaS platform, Cyber Safe Plus, built around continuous assessment and improvement through vulnerability scanning and penetration testing

Wickr

Wickr

Wickr's mission is to secure the world's most critical communications. Wickr provides the highest standard of encryption trusted by millions worldwide.

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER) conducts full spectrum military cyberspace operations in order to enable freedom of action in cyberspace and deny the same to the adversary.

StrataCore

StrataCore

StrataCore is a single-source technology lifecycle advocate that works behind IT teams as a strategic partner to help them achieve peak enterprise outcomes.

Charles IT

Charles IT

Charles IT is your friendly, no-nonsense IT team focused on helping companies make their technology work for them. We focus on building relationships that deliver results.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

QEDIT

QEDIT

QEDIT is leading the standardization of Zero-Knowledge Proofs through the ZKProof.org Workshops, and builds production-grade ZKP systems for blockchain.

SolidityScan

SolidityScan

SolidityScan is an advanced smart contract scanning tool designed to uncover vulnerabilities and proactively address risks within your code.