Cathay Pacific, one of the most prominent airlines in Asia, reportedly had a data breach that affected over millions of customers’ information. The data breach, according to some, was a cover up but the airlines made a truthful deny about the situation.
Cathay Pacific CEO Rupert Hogg and Chairman John Slosar said that this was one of the “most serious” in the business’s history. They also made the assurance that they’d act differently in the event that this happens in the future.
Both Slosar and Hogg were called to the city’s legislative council to prepare explanations to lawmakers on why it had taken five (5) months for them to tell that it was truly hacked. The data of over 9.4 million customers have been compromised. This includes credit card details and passport numbers.
Last March, the airlines suspected unnatural and suspicious activity. By then, they were able to confirm accesses that were unauthorized which led to the vision of personal data earlier in May. However, they did not make it public until the 24th of October.
John Slosar, the company’s Chairman said that it was never a cover up.
“I’d like to make it absolutely clear that there was never any attempt to cover anything up. I see it is one of the most serious crises that our airline has ever faced.”
More previous than this apology, Slosar told LegCo that he apologizes directly to everyone involved and to the people in Hong Kong. Just this week was when they realized that they have been a victim of a cyber-attack; it was actually for three (3) months.
Rupert Hogg said that the reason why they did not make it public immediately is that they needed ample time to establish the root and the nature of the inflitrations. So that when they release it to the public, they would be prepared. However, he also said that they regret the length of time it took for them to determine the cause.
“We’ve learnt a lot of lessons from trying to do what we believe was right, which was to get accurate information about our customers, make sure that we knew what information pertained to them. We would do it a different way tomorrow indeed.”
To conclude this, Cathay pacific said that they already made contact with the people affected by the breach. However, they did not disclose financial compensation and the possible costs it may take.
The airline promised that they’ll do a different approach next time and said that they’re considering reporting it to the public immediately in future same scenarios.