Cathay Pacific Admits Cyber-Attack

Uploaded on 2018-11-27 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Questions have been raised about Cathay Pacific’s incident response after new details emerged about the world’s biggest airline data breach.

The Hong Kong carrier had originally claimed last month that it “discovered unauthorised access” to data on 9.4 million passengers and “took immediate action to investigate and contain the event.” 

Reports at the time suggested that the firm first found evidence of the activity in March and confirmed data had been accessed two months later.

That would have been bad enough, but in a new filing to the Hong Kong legislature (LegCo) this week the airline admitted that after discovering the initial suspicious activity it “was subject to further attacks which were at their most intense in March, April and May but continued thereafter.”

“These ongoing attacks meant that internal and external IT security resources had to remain focused on containment and prevention,” it continued. “They also expanded the scope of potentially accessed data, making the challenge of understanding it more lengthy and complex…”

Under local laws, Cathay wasn’t mandated to notify the authorities immediately of a breach, but the fact that it couldn’t work out until August which passenger data had been accessed or exfiltrated will raise some eyebrows.

The SAR’s privacy commissioner said last week that it was launching a compliance investigation into the firm’s handling of the breach, and new data protection laws may be rolled out in the city-state.

The airline is said to be working with 27 regulators in 15 jurisdictions following the incident, although it could escape GDPR investigation given the initial intrusion was discovered in March.

The airline's assurance that there’s been no evidence of misuse of the stolen data is meaningless, according to High-Tech Bridge CEO, Ilia Kolochenko.

“Worse, it may mean that someone very smart is exploiting the data in a non-trivial way, and probably very detrimental for the victims. Moreover, the stolen data can appear for sale on the black market at any time,” he added.

“Taking into consideration the gravity of the breach, customers of Cathay will likely have no reliable recourse apart from promptly changing all their credit cards and IDs. Cathay may face numerous class actions and individual lawsuits from disgruntled customers, in parallel with severe monetary sanctions imposed by regulators from different countries.”

Infosecurity Magazine:

You Might Also Read:

British Airways Hack Was Much Bigger Than First Admitted:

 

« Maritime Cybersecurity Takes A Big Step Forward
The GDPR Disclosure Problem »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Technology Association of Georgia (TAG)

Technology Association of Georgia (TAG)

TAG's mission is to educate, promote, influence and unite Georgia's technology community to stimulate and enhance Georgia's tech-based economy.

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

Ovarro

Ovarro

Ovarro is the new name for Servelec Technologies and Primayer. Ovarro's technology is used throughout the world to monitor, control and manage critical and national infrastructure.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

Heimdal Security

Heimdal Security

Heimdal Security provides proactive protection against cyber threats including ransomware, exploit kits and financial malware.

North American Electric Reliability Corporation (NERC)

North American Electric Reliability Corporation (NERC)

NERC is a not-for-profit international regulatory authority whose mission is to assure the reliability and security of the bulk power system in North America.

Computer Forensic Services

Computer Forensic Services

Computer Forensic Services are digital evidence specialists. Practice areas include Information Security, e-Discovery, Law Enforcement Support and Litigation.

ANIS

ANIS

ANIS represents the interests of Romanian IT companies and supports the development of the software and services industry.

IXDen

IXDen

IXDen provides a novel software-based approach to OT systems protection, covering Industrial IoT cybersecurity and sensor data integrity.

ICS-CSR

ICS-CSR

ICS-CSR is a research conference bringing together researchers with an interest in the security of industrial control systems.

Blu Venture Investors (BVI)

Blu Venture Investors (BVI)

Blu Venture Investors is a venture capital firm that supports early stage companies with a focus on technology in diverse domains including cybersecurity, IoT, defense and homeland security.

Axxum Technologies

Axxum Technologies

Axxum Technologies is a premier provider of Network Communications and Information Technology Security Solutions.

ActZero

ActZero

ActZero’s security platform leverages proprietary AI-based systems and full-stack visibility to detect, analyze, contain, and disrupt threats.

SeeMetrics

SeeMetrics

SeeMetrics is an automated cybersecurity performance management platform that integrates security data and business objectives into a simple interface.

Alethea

Alethea

Alethea is a technology company helping companies, nonprofits, and democracies protect themselves from harms stemming from disinformation and social media manipulation.

Socket

Socket

Socket protects software applications and critical services from malware and security threats originating in open source code.