Article from BTNews 29 OCTOBER 2018
Data alarms at Cathay and BA
Personal details of up to 9.4m passengers on Cathay Pacific have been accessed in the latest security breach to hit the aviation industry. The airline said passport numbers, email addresses and expired credit card details were involved.
Chief executive Rupert Hogg apologised and said there was "no evidence" the information had been misused. The airline was contacting affected passengers, he added.
The latest breach comes weeks after British Airways revealed a major data leak had hit its customers (BTN 10 September) and a few days after BA parent company International Airlines Group (IAG) said it had affected more customers than previously believed.
IAG said its inquiry had shown the hackers may have stolen personal data relating to 77,000 payment cards not previously notified including names, billing addresses and CVV numbers. A further 108,000 cards without the attached CVV number, which acts as an additional security layer, had also been compromised.
IAG said customers potentially affected were those who had made bookings with a payment card between 21 April and 28 July this year using rewards from BA’s frequent-flyer plan.
OUR READERS' FINEST WORDS (All times and dates are GMT)
All comments are filtered to exclude any excesses but the Editor does not have to agree with what is being said. 100 words maximum
Keith Wallis, Faversham
As one of the affected CX passengers (as well as being a technology dinosaur) two things come to mind. Are airlines actually taking on board any lessons from previous hackings at BA and elsewhere or do they complacently believe it won’t happen to them or possibly think their systems are robust enough? In CX’s case they obviously weren’t which makes me wonder why not employ “white” hackers to continually test firewalls and systems? Somebody obviously left the Internet gate open to allow the hackers access. It’s a little late to close it after the hackers with data have bolted.