Cathay Pacific Admits Cyber-Attack

Questions have been raised about Cathay Pacific’s incident response after new details emerged about the world’s biggest airline data breach.

The Hong Kong carrier had originally claimed last month that it “discovered unauthorised access” to data on 9.4 million passengers and “took immediate action to investigate and contain the event.” 

Reports at the time suggested that the firm first found evidence of the activity in March and confirmed data had been accessed two months later.

That would have been bad enough, but in a new filing to the Hong Kong legislature (LegCo) this week the airline admitted that after discovering the initial suspicious activity it “was subject to further attacks which were at their most intense in March, April and May but continued thereafter.”

“These ongoing attacks meant that internal and external IT security resources had to remain focused on containment and prevention,” it continued. “They also expanded the scope of potentially accessed data, making the challenge of understanding it more lengthy and complex…”

Under local laws, Cathay wasn’t mandated to notify the authorities immediately of a breach, but the fact that it couldn’t work out until August which passenger data had been accessed or exfiltrated will raise some eyebrows.

The SAR’s privacy commissioner said last week that it was launching a compliance investigation into the firm’s handling of the breach, and new data protection laws may be rolled out in the city-state.

The airline is said to be working with 27 regulators in 15 jurisdictions following the incident, although it could escape GDPR investigation given the initial intrusion was discovered in March.

The airline's assurance that there’s been no evidence of misuse of the stolen data is meaningless, according to High-Tech Bridge CEO, Ilia Kolochenko.

“Worse, it may mean that someone very smart is exploiting the data in a non-trivial way, and probably very detrimental for the victims. Moreover, the stolen data can appear for sale on the black market at any time,” he added.

“Taking into consideration the gravity of the breach, customers of Cathay will likely have no reliable recourse apart from promptly changing all their credit cards and IDs. Cathay may face numerous class actions and individual lawsuits from disgruntled customers, in parallel with severe monetary sanctions imposed by regulators from different countries.”

Infosecurity Magazine:

You Might Also Read:

British Airways Hack Was Much Bigger Than First Admitted:

 

« Maritime Cybersecurity Takes A Big Step Forward
The GDPR Disclosure Problem »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

ClearDATA

ClearDATA

The ClearDATA Managed Cloud protects sensitive healthcare data using purpose-built DevOps automation, compliance and security safeguards, and healthcare expertise.

Early Warning Services

Early Warning Services

Early Warning Services identity, authentication and payment solutions empower financial institutions to make confident decisions, enable payments and mitigate fraud.

PrivateCore

PrivateCore

We protect data-in-use from hackers trying to steal data such as encryption keys, certificates, intellectual property.

SecureMetric Technology

SecureMetric Technology

SecureMetric is one of SE Asia’s leading players in the field of digital security with a focus on Software Licensing Protection, 2-Factor Authentication, Advanced Identity and Access Management, Publi

SEPPmail

SEPPmail

SEPPmail is a patented e-mail encryption solution to secure your electronic communication.

Cyber Struggle

Cyber Struggle

At Cyber Struggle, our aim is training and certifying the special forces of the cyber world.

Crosspring

Crosspring

Crosspring is an incubator/accelerator for people who have the ambition to start a successful business or want to extend their existing business in the areas of FinTech, AR, VR, Cybersecurity and SaaS

NJVC

NJVC

NJVC delivers IT automation, optimization and security to empower mission-enabling IT for customers with secure requirements.

SecureNation

SecureNation

SecureNation offers a wide variety of cutting-edge technologies and IT services to address almost any of your information security, network security and information assurance needs.

Hyperion Gray

Hyperion Gray

Hyperion Gray are a small research and development team focused on innovative work in a variety of areas including Software & Security Research, Penetration Testing, Incident Response, and Red Teaming

Ghost Security

Ghost Security

Ghost is a venture backed, product-led startup building the new standard in application security for the modern enterprise.

Aembit

Aembit

Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads

VENZA

VENZA

VENZA is a data protection company that can help organisations mitigate their vulnerabilities and ensure compliance, keeping guests and their data safe from breaches.

Daisy Corporate Services

Daisy Corporate Services

Daisy is one of the largest providers of communications and IT solutions across the UK, with a portfolio spanning unified communications, cloud, cyber security and resilience.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.