New information regarding the Cathay Pacific data breach that occurred in March 2018 has surfaced. The airline previously confirmed that the breach resulted in hackers compromising the data of 9.4 million passengers.
However, now, Cathay Pacific revealed that the firm’s network was persistently attacked by the hackers in a three-months long siege. The Hong-Kong based firm said that it was subjected to attacks between March and May this year and it continued afterward as well.
“During this phase of the investigation, Cathay was subject to further attacks which were at their most intense in March, April and May but continued thereafter. These ongoing attacks meant that internal and external IT security resources had to remain focused on containment and prevention,” said Cathay Pacific in a statement.
In its previous statement, the firm had confirmed that passengers' personal details including names, nationality, dates of birth, phone numbers, email addresses, passport numbers, identity card numbers, frequent flyer membership numbers, custom service remarks and travel histories had been compromised by hackers.
However, passengers’ travel profile and passwords were not accessed in the breach. Cathay said that it is still investigating the matter. The airline said that none of the dagta stolen by the hackers has been put up on the dark web yet.
“During our investigation, Cathay has employed cybersecurity experts to search the dark web and other sites. On the basis of such searches to date, we have found no evidence that any of the stolen data has appeared in these forums. Cathay will continue these searches,” added the airline.
On October 24, 2018, the airline notified the Privacy Commissioner for Personal Data, the Hong Kong Police and the Hong Kong Stock Exchange about the breach. In addition, it also informed other regulators and the affected passengers about the unauthorized access of passengers’ data.
In the wake of the breach, Cathay set up a dedicated website and call center to assist affected customers. It is also offering ID monitoring services to the affected customers.