Cathay Pacific fined by UK regulator over data breach shortcomings
Hong Kong based Cathay Pacific has been hit with a £500,000 fine by the UK’s Information Commissioner’s Office (ICO) over a customer data breach in 2018.
The airline discovered a ‘brute-force’ hack in 2018.
However following an investigation, the ICO found its systems had been compromised since 2014.
It found ‘a catalogue of errors’ including back-up files that were not password protected and insufficient antivirus protection.
Data stolen included customer names, phone numbers, email addresses, passport and identity card numbers, and travel history.
The ICO issued the fine as it impacted more than 100,000 UK customers.
Cathay’s parent company Swire is registered in the UK.
It handed down the maximum fine of £500,000 under the Data Protection Act but it could have been so much worse for Cathay.
If the breach had continued undiscovered for just a few more weeks, Cathay would have been liable for a penalty under the new General Data Protection Regulation.
Under GDPR it could have been fined up to 4% of total revenues, which amounted to £470 million.
The airline said it has since invested ‘substantial amounts’ to beef up IT security.
"However, we are aware that in today’s world, as the sophistication of cyber-attackers continues to increase, we need to and will continue to invest in and evolve our IT security systems."
TravelMole Editorial Team
Editor for TravelMole North America and Asia pacific regions. Ray is a highly experienced (15+ years) skilled journalist and editor predominantly in travel, hospitality and lifestyle working with a huge number of major market-leading brands. He has also cover in-depth news, interviews and features in general business, finance, tech and geopolitical issues for a select few major news outlets and publishers.
EU airports bring back 100ml liquid rule
CLIA: Anti-cruise demos could cause itinerary changes in Europe
Co-pilot faints, easyJet flight issues ‘red alert’
Dozens fall ill in P&O Cruises ship outbreak
Woman dies after getting ‘entangled’ in baggage carousel