Cathay Pacific Admits Cyber-Attack

Questions have been raised about Cathay Pacific’s incident response after new details emerged about the world’s biggest airline data breach.

The Hong Kong carrier had originally claimed last month that it “discovered unauthorised access” to data on 9.4 million passengers and “took immediate action to investigate and contain the event.” 

Reports at the time suggested that the firm first found evidence of the activity in March and confirmed data had been accessed two months later.

That would have been bad enough, but in a new filing to the Hong Kong legislature (LegCo) this week the airline admitted that after discovering the initial suspicious activity it “was subject to further attacks which were at their most intense in March, April and May but continued thereafter.”

“These ongoing attacks meant that internal and external IT security resources had to remain focused on containment and prevention,” it continued. “They also expanded the scope of potentially accessed data, making the challenge of understanding it more lengthy and complex…”

Under local laws, Cathay wasn’t mandated to notify the authorities immediately of a breach, but the fact that it couldn’t work out until August which passenger data had been accessed or exfiltrated will raise some eyebrows.

The SAR’s privacy commissioner said last week that it was launching a compliance investigation into the firm’s handling of the breach, and new data protection laws may be rolled out in the city-state.

The airline is said to be working with 27 regulators in 15 jurisdictions following the incident, although it could escape GDPR investigation given the initial intrusion was discovered in March.

The airline's assurance that there’s been no evidence of misuse of the stolen data is meaningless, according to High-Tech Bridge CEO, Ilia Kolochenko.

“Worse, it may mean that someone very smart is exploiting the data in a non-trivial way, and probably very detrimental for the victims. Moreover, the stolen data can appear for sale on the black market at any time,” he added.

“Taking into consideration the gravity of the breach, customers of Cathay will likely have no reliable recourse apart from promptly changing all their credit cards and IDs. Cathay may face numerous class actions and individual lawsuits from disgruntled customers, in parallel with severe monetary sanctions imposed by regulators from different countries.”

Infosecurity Magazine:

You Might Also Read:

British Airways Hack Was Much Bigger Than First Admitted:

 

« Maritime Cybersecurity Takes A Big Step Forward
The GDPR Disclosure Problem »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Identity Theft Resource Center (ITRC)

Identity Theft Resource Center (ITRC)

ITRC is a non-profit organization established to empower and guide consumers, victims, business and government to minimize risk and mitigate the impact of identity compromise and crime.

Checkmarx

Checkmarx

Checkmarx provides state-of-the-art application security solutions with static code analysis software.

QASymphony

QASymphony

QASymphony software testing and QA tools help companies create better software by improving speed, efficiency and collaboration during the testing lifecycle.

Secure Thingz

Secure Thingz

Secure Thingz focus on developing and delivering advanced security solutions into the emerging Industrial Internet of Things (IIoT) and Critical Infrastructure markets.

VivoSecurity

VivoSecurity

VivoSecurity is a pioneer in cyber risk quantification based on data science. Our products and services help organizations achieve optimal information security and GRC programs.

Wotan Monitoring

Wotan Monitoring

Wotan Monitoring is the software solution for fully automatic process monitoring, infrastructure monitoring and end-to-end monitoring.

DANAK

DANAK

DANAK is the national accreditation body for Denmark. The directory of members provides details of organisations offering certification services for ISO 27001.

SubRosa Cyber Solutions

SubRosa Cyber Solutions

SubRosa Cyber Solutions solves its clients’ most tenacious information security, risk and compliance challenges through a multitude of information technology services and expertise.

Otorio

Otorio

OTORIO delivers industrial cybersecurity and digital risk-management solutions and services. We help our customers to keep their revenue-generating operations resilient, efficient, and safe.

Teleport

Teleport

Teleport is a remote-first technology company. We enable engineers to quickly access any computing resource anywhere on the planet.

Sify Technologies

Sify Technologies

Sify is the largest ICT service provider, systems integrator, and all-in-one network solutions company on the Indian subcontinent.

Digital Security by Design (DSbD)

Digital Security by Design (DSbD)

Digital Security by Design is an initiative supported by the UK government to transform digital technology and create a more resilient, and secure foundation for a safer future.

Nortal

Nortal

Nortal is a strategic digital transformation partner for leading companies and governments around the world.

MIS Solutions

MIS Solutions

MIS Solutions is a managed cloud and IT security partner making technology work for you.

US Cyber Games

US Cyber Games

US Cyber Games is committed to inform and inspire the broader community on ways to develop tomorrow’s cybersecurity workforce.

Corgea

Corgea

Corgea is AI-powered security platform that finds, triages and fixes your insecure code.