Cathay Pacific initially discovered suspicious activity on their network in March this year. Upon discovery, they took immediate action to contain the event, to commence a thorough investigation with the assistance of a leading cybersecurity firm, and to further strengthen it’s IT security measures. Unauthorised access to certain personal data was confirmed in early May. Since that time, analysis of the data has continued in order to identify affected individuals and to determine whether the data at issue could be reconstructed.
The following types of personal data of Cathay Pacific and Cathay Dragon passengers were accessed: passenger name; nationality; date of birth; phone number; email; address; passport number; identity card number; frequent flyer programme membership number; customer service remarks; and historical travel information.
The combination of data accessed varies for each affected passenger.
No-one’s travel or loyalty profile was accessed in full, and no passwords were compromised.
They are contacting affected passengers to provide information on steps that you can take to protect yourself. If you are an affected member of the Marco Polo Club, Asia Miles or a Registered User, you will be contacted individually in the coming days. In that communication, they will tell you which specific types of personal information about you may have been accessed.
If you believe you may have been affected, you can submit a request hereOpen a new window and they will tell you if they have identified your personal data as having been accessed.
Further details – https://infosecurity.cathaypacific.com