Cathay Pacific Admits Cyber-Attack

Questions have been raised about Cathay Pacific’s incident response after new details emerged about the world’s biggest airline data breach.

The Hong Kong carrier had originally claimed last month that it “discovered unauthorised access” to data on 9.4 million passengers and “took immediate action to investigate and contain the event.” 

Reports at the time suggested that the firm first found evidence of the activity in March and confirmed data had been accessed two months later.

That would have been bad enough, but in a new filing to the Hong Kong legislature (LegCo) this week the airline admitted that after discovering the initial suspicious activity it “was subject to further attacks which were at their most intense in March, April and May but continued thereafter.”

“These ongoing attacks meant that internal and external IT security resources had to remain focused on containment and prevention,” it continued. “They also expanded the scope of potentially accessed data, making the challenge of understanding it more lengthy and complex…”

Under local laws, Cathay wasn’t mandated to notify the authorities immediately of a breach, but the fact that it couldn’t work out until August which passenger data had been accessed or exfiltrated will raise some eyebrows.

The SAR’s privacy commissioner said last week that it was launching a compliance investigation into the firm’s handling of the breach, and new data protection laws may be rolled out in the city-state.

The airline is said to be working with 27 regulators in 15 jurisdictions following the incident, although it could escape GDPR investigation given the initial intrusion was discovered in March.

The airline's assurance that there’s been no evidence of misuse of the stolen data is meaningless, according to High-Tech Bridge CEO, Ilia Kolochenko.

“Worse, it may mean that someone very smart is exploiting the data in a non-trivial way, and probably very detrimental for the victims. Moreover, the stolen data can appear for sale on the black market at any time,” he added.

“Taking into consideration the gravity of the breach, customers of Cathay will likely have no reliable recourse apart from promptly changing all their credit cards and IDs. Cathay may face numerous class actions and individual lawsuits from disgruntled customers, in parallel with severe monetary sanctions imposed by regulators from different countries.”

Infosecurity Magazine:

You Might Also Read:

British Airways Hack Was Much Bigger Than First Admitted:

 

« Maritime Cybersecurity Takes A Big Step Forward
The GDPR Disclosure Problem »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

AusCERT

AusCERT

AusCERT is the premier Computer Emergency Response Team (CERT) in Australia and a leading CERT in the Asia/Pacific region

ComSec LLC

ComSec LLC

ComSec perform threat assessments to identify vulnerabilities and help protect businesses against corporate espionage via electronic eavesdropping.

Aqua Security Software

Aqua Security Software

Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines.

Trustlook

Trustlook

Trustlook's SECUREai engine delivers the performance and scalability needed to provide total threat protection against malware and other forms of attack.

Protectimus

Protectimus

Affordable two factor authentication (2FA) provider. Protect your data from theft with multi factor authentication service from Protectimus.

Genians

Genians

Genians provides the industry’s leading Network Access Control (NAC) solution, which ensures full visibility of all IP-enabled devices regardless of whether they are wired, wireless, or virtual.

NinjaJobs

NinjaJobs

NinjaJobs is a community-run job platform developed by information security professionals. We focusing strictly on cybersecurity positions.

Labs/02

Labs/02

Labs/02 is a seed-stage incubator with a mission to advance cutting-edge technology in innovative areas including AI, deep learning, autonomous transportation, and smart cities.

Kiuwan

Kiuwan

Kiuwan provide software security solutions with SAST and SCA source-code analysis that fit into your DevOps process.

astarios

astarios

astarios provide near-shore software development services including secure software development (DevSecOps), quality assurance and testing.

Wiser Market

Wiser Market

Wiser Market is a leading company in global online brand protection services, intellectual property protection, anti-Counterfeit & trademark infringements.

Blackfoot Cybersecurity

Blackfoot Cybersecurity

At Blackfoot, we work in partnership with you to deliver on-demand cyber security expertise and assurance, keeping you one step ahead of threats & compliant with regulations.

Glocomms

Glocomms

Glocomms is a leading specialist recruitment agency for the tech sector, providing permanent, contract, and multi-hire recruitment from our global hubs in San Francisco, New York, London and Berlin.

Ostra Cybersecurity

Ostra Cybersecurity

As a next-generation MSSP, Ostra Cybersecurity combines best-in-class tools, proprietary technology and exceptional talent to deliver Fortune 100-level protection for businesses of all sizes.

Plerion

Plerion

Plerion is an all-in-one Cloud Security Platform that supports workloads across AWS, Azure, and GCP delivering cloud security posture management, workload security, data security and more.

Radix Technologies

Radix Technologies

Radix offer end-to-end device management solutions, consolidating all the organization devices, processes and stakeholders into one easy-to-use management platform.