Cathay Pacific announces security incident affecting passenger data – Intelligent CISO

Technologies that underpin their data processes have not been designed for today’s multi-channel digital world

Cathay Pacific, an airline headquartered in Hong Kong, announced it has discovered unauthorised access to some of its information system containing passenger data of up to 9.4 million people.

Upon discovery, the company said it took immediate action to investigate and contain the event. There is no evidence that any personal information has been misused. In a statement, the airline said the IT systems affected were ‘totally separate’ from its flight operations systems and there is no impact on flight safety.

Cathay Pacific Chief Executive Officer Rupert Hogg said: “We are very sorry for any concern this data security event may cause our passengers. We acted immediately to contain the event, commence a thorough investigation with the assistance of a leading cybersecurity firm and to further strengthen our IT security measures.

Ian Smith, Founder and CEO, Gospel Technology, said: “One of the biggest challenges for organisations today is that the technologies that underpin their data processes have not been designed for today’s multi-channel digital world. For example, the solutions that many organisations rely on were designed for an age where data was produced in limited quantities from a handful of sources, not the huge amounts of data generated from an increasing number of sources that we have today.

“As a result, regardless of the security investments, data is bound to inadvertently end up in the wrong hands which is why we continually see headlines about data breaches.