Hong Kong-based Cathay Pacific has suffered the world’s worst airline data breach in an attack that exposed the personal and financial details of 9.4 million customers.
A hacker is said to have accessed passengers’ names, dates of birth, phone numbers, email addresses and passport numbers in an attack that occurred earlier this year. The company announced details of the attack late on Wednesday this week.
The company’s shares fell following the discovery of the attack, knocking up to $361 million off its market value.
This news comes just a month after British Airways annouced that the details of 380,000 customers had been stolen in a similar hack.
Cathay Pacific CEO Rupert Hogg said, in a statement:
We are very sorry for any concern this data security event may cause our passengers. We acted immediately to contain the event, commence a thorough investigation with the assistance of a leading cybersecurity firm, and to further strengthen our IT security measures.
We are in the process of contacting affected passengers, using multiple communications channels, and providing them with information on steps they can take to protect themselves. We have no evidence that any personal data has been misused. No-one’s travel or loyalty profile was accessed in full, and no passwords were compromised.
British Airways (and Delta, who also suffered a hack earlier this year) have since boosted spending on security—but as more and more hacks hit large companies, is it time for market leaders to start properly investing in secure systems to protect the data of their customers BEFORE attacks occur? We think so.