Cathay Pacific came under pressure yesterday to explain why it had taken five months to admit it had been hacked and compromised the data of 9.4 million customers, including passport numbers and credit card details.
The airline on Wednesday said it had discovered suspicious activity on its network in March and confirmed unauthorized access to certain personal data in early May.
However, chief customer and commercial officer Paul Loo (盧家培) said officials wanted to have an accurate grasp on the situation before making an announcement and did not wish to “create unnecessary panic.”
Photo: AFP
News of the leak sent shares in Cathay, which was already under pressure as it struggles for customers, plunging yesterday to more than 6 percent to a nine-year low in Hong Kong trading.
Local politicians slammed the carrier, saying its response had only fueled worries.
“Whether the panic is necessary or not is not for them to decide, it is for the victim to decide. This is not a good explanation at all to justify the delay,” Legislator Charles Mok (莫乃光) said.
Legislator Elizabeth Quat (葛珮帆) said the delay was “unacceptable,” as it meant customers missed five months of opportunities to take steps to safeguard their personal data.
The airline admitted about 860,000 passport numbers, 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers with no card verification value were accessed.
Other compromised passenger data included nationalities, dates of births, telephone numbers, e-mail and physical addresses.
“We have no evidence that any personal data has been misused. No one’s travel or loyalty profile was accessed in full, and no passwords were compromised,” chief executive Rupert Hogg said in a statement on Wednesday.
However, Mok said the public needs to know how the company can prove that was the case.
“Such a statement doesn’t give people absolute confidence that we are completely safe, and it doesn’t mean that some of this data would not be misused later,” Mok said.
He also pointed out that the EU’s new General Data Protection Regulation says any such breach should be reported within 72 hours.
Hong Kong Privacy Commissioner for Personal Data Stephen Wong (黃繼兒) yesterday voiced “serious concern” over the breach.
He said his office would initiate a compliance check with the airline.
Cathay said it had launched an investigation and alerted the police after an ongoing IT operation revealed unauthorized access of systems containing the passenger data.
The company is in the process of contacting affected passengers and providing them with solutions to protect themselves, airline officials said.
Taiwanese actress Barbie Hsu (徐熙媛) has died of pneumonia at the age of 48 while on a trip to Japan, where she contracted influenza during the Lunar New Year holiday, her sister confirmed today through an agent. "Our whole family came to Japan for a trip, and my dearest and most kindhearted sister Barbie Hsu died of influenza-induced pneumonia and unfortunately left us," Hsu's sister and talk show hostess Dee Hsu (徐熙娣) said. "I was grateful to be her sister in this life and that we got to care for and spend time with each other. I will always be grateful to
REMINDER: Of the 6.78 million doses of flu vaccine Taiwan purchased for this flu season, about 200,000 are still available, an official said, following Big S’ death As news broke of the death of Taiwanese actress and singer Barbie Hsu (徐熙媛), also known as Big S (大S), from severe flu complications, the Centers for Disease Control (CDC) and doctors yesterday urged people at high risk to get vaccinated and be alert to signs of severe illness. Hsu’s family yesterday confirmed that the actress died on a family holiday in Japan due to pneumonia during the Lunar New Year holiday. CDC Deputy Director-General Tseng Shu-hui (曾淑慧) told an impromptu news conference that hospital visits for flu-like illnesses from Jan. 19 to Jan. 25 reached 162,352 — the highest
TAIWAN DEFENSE: The initiative would involve integrating various systems in a fast-paced manner through the use of common software to obstruct a Chinese invasion The first tranche of the US Navy’s “Replicator” initiative aimed at obstructing a Chinese invasion of Taiwan would be ready by August, a US Naval Institute (USNI) News report on Tuesday said. The initiative is part of a larger defense strategy for Taiwan, and would involve launching thousands of uncrewed submarines, surface vessels and aerial vehicles around Taiwan to buy the nation and its partners time to assemble a response. The plan was first made public by the Washington Post in June last year, when it cited comments by US Indo-Pacific Commander Admiral Samuel Paparo on the sidelines of the Shangri-La Dialogue
COMBINING FORCES: The 66th Marine Brigade would support the 202nd Military Police Command in its defense of Taipei against ‘decapitation strikes,’ a source said The Marine Corps has deployed more than 100 soldiers and officers of the 66th Marine Brigade to Taipei International Airport (Songshan airport) as part of an effort to bolster defenses around the capital, a source with knowledge of the matter said yesterday. Two weeks ago, a military source said that the Ministry of National Defense ordered the Marine Corps to increase soldier deployments in the Taipei area. The 66th Marine Brigade has been tasked with protecting key areas in Taipei, with the 202nd Military Police Command also continuing to defend the capital. That came after a 2017 decision by the ministry to station