Data breach - 9.4m Cathay Pacific customers affected

Status
Not open for further replies.
AisleSeat

AisleSeat

Established Member
Joined
Nov 11, 2016
Posts
1,530
Cathay Pacific has admitted to a massive data breach in March that may have resulted in up to 9.4 million customers having personal information stolen.

Some of the information that may have been compromised includes names, date of birth, passport information, postal and email addresses, nationality and phone numbers.

Travel information, frequent flyer numbers and customer service comments were also breached - as were a total of 403 expired and 27 current credit card numbers that were devoid of CVV numbers. At the time of writing there has been no word on whether unexpired credit cards with CVVs were also compromised.

9.4 Million Cathay Pacific Customers Affected By Data Breach
 
The response by CX is a brilliant piece of PR. They take a negative event but somehow (amazingly) turn it into a positive that this hasn't affected flight safety. Like as if anyone actually thought that in the first place!
 
Anyone else notified of the following security breach today?


We are contacting you to make you aware of a data security event that involves some of your personal data. We are very sorry for any concern that this event may cause you, and this notice will provide you with information about what happened and how we can assist you.

What happened?

As part of our ongoing IT security processes, we discovered unauthorised access to some of our passenger data.

We initially discovered suspicious activity on our network in March this year. Upon discovery, we took immediate action to contain the event, to commence a thorough investigation with the assistance of a leading cybersecurity firm, and to further strengthen our IT security measures. Unauthorised access to certain personal data was confirmed in early May. Since that time, analysis of the data has continued in order to identify affected individuals and to determine whether the data at issue could be reconstructed.

We have no evidence that any personal data has been misused. We recommend that you follow the steps outlined in this notice to help protect yourself against potential risks.


What information was involved?

The following types of personal data about you were accessed:

  • Address
  • Name
  • Nationality
  • Title
Your travel or loyalty profile was not accessed in full, and your password was not compromised.
 
Have to say BA have been good about their recent data breach.my email-
On 6 September 2018, we regrettably announced that we were the target of a criminal data theft involving the personal and financial details of customers making or changing bookings at ba.com, or via the British Airways app.



Since then we’ve been conducting a thorough investigation with specialist cyber forensic investigators, liaising with the National Crime Agency. As a result of the investigation I am writing to let you know that you may have been affected by the data theft, when you made a reward booking between 21 April and 28 July 2018.



While we do not have conclusive evidence that the data was removed from British Airways’ systems, it is possible your personal data may have been compromised. This includes your full name, billing address, email address and payment card number, expiry date and CVV. As a precaution we recommend you contact your bank or card provider and follow their advice.



We are very sorry that this criminal activity has occurred. We’ll reimburse our customers who have suffered financial losses as a direct result of the theft of their payment card details. For your reassurance, we’re offering you free credit and identity monitoring services, provided by Experian, one of the UK’s leading Credit Reference agencies.
 
I was notified by CX - but I can't even remember when I last flew CX o_O
 
Check out the latest credit card signup bonus point offers
Read our AFF credit card guides and start earning more points now.

AFF Supporters can remove this and all advertisements

RooFlyer said:
yes, same. Anyone know about the security service CX have offered to provide?
Click to expand...

They have offered free 12 months ID monitoring services with Experian. According to the email, the service monitors if your personal data may be available on public websites, chat rooms, blogs, and non-public places on the internet where data can be compromised such as dark web sites.

Haven't read it yet to work out what to do, but more info is at infosecurity.cathaypacific.com.

Seems data breaches are becoming a fact of life :mad:
 
Status
Not open for further replies.

Become an AFF member!

Join Australian Frequent Flyer (AFF) for free and unlock insider tips, exclusive deals, and global meetups with 65,000+ frequent flyers.

AFF members can also access our Frequent Flyer Training courses, and upgrade to Fast-track your way to expert traveller status and unlock even more exclusive discounts!

AFF forum abbreviations

Wondering about Y, J or any of the other abbreviations used on our forum?

Check out our guide to common AFF acronyms & abbreviations.

Recent Posts

Currently Active Users

Total: 796 (members: 8, guests: 788)
Back
Top