The hacking attack on Cathay Pacific’s data includes passenger data for its Hong Kong Dragon Airlines Ltd unit. Hackers were able to access 245,000 Hong Kong identity card numbers and 860,000 passport numbers among other data. Matching Hong Kong identity card numbers with passport numbers is likely to be a gold mine for China.
On Thursday, following a disclosure by Cathay Pacific Airways Ltd that data of its 9.4 million passengers had been accessed without authorization, its shares fell by more than 6% to a nine-year low.
Incidentally, the leak also included data for its Hong Kong Dragon Airlines Ltd unit.
Cathay also stated, hackers were also able to access, 403 expired credit card numbers, 27 credit card numbers with no card verification value (CVV), 245,000 Hong Kong identity card numbers as well as 860,000 passport numbers.
In March 2018, it had initially discovered suspicious activity on its network and following an investigations in early May it got confirmation that certain personal data had been accessed by hackers.
Hong Kong’s privacy commission has expressed serious concern over the data leak and has directed Cathay to notify the affected passengers of the leak as soon as possible.
On its part, Cathay stated, it had notified the Hong Kong Police of the breach and that there was no evidence, as yet, that any personal information had been misused.
The hacking attack comes at a time when the airline is undergoing a turnaround designed to cut costs and increase revenue, following back-to-back years of losses; the turnaround plan is aimed at competing better with its peers from mainland China and from the Middle East.