New Delhi: Cathay Pacific Airlines on Wednesday tweeted that it has been hit by data leak. Reports suggest that over 9.4 million passengers have been affected. However, the airlines claimed ‘we have discovered unauthorised access to some of our passenger data’. Also Read - Airtel App flaw exposes user data of more than 32 crore subscribers
“For Data Security Event support, please DM @CxInfosec for assistance,” the airlines tweeted. It also admitted data including passport numbers, email addresses, identity card numbers and credit card details was accessed. Also Read - How to find out what data apps are collecting about you
Cathay Pacific Chief Executive Officer Rupert Hogg, in a statement on the airline’s website, said, “We acted immediately to contain the event, commence a thorough investigation with the assistance of a leading cybersecurity firm, and to further strengthen our IT security measures.” He added, “We have no evidence that any personal data has been misused.” Also Read - Twitter Admits to User Data Leak, Apologises
Briefing about what all information of passengers has been accessed during the data breach, he said, “The following personal data was accessed: passenger name, nationality, date of birth, phone number, email, address, passport number, identity card number, frequent flyer programme membership number, customer service remarks, and historical travel information.” The CEO also revealed 403 expired credit card numbers and 27 credit card numbers with no CVV were accessed.
The leak comes as the troubled airline battles to stem major losses as it comes under pressure from lower-cost Chinese carriers and Middle East rivals. It booked its first back-to-back annual loss in its seven-decade history in March, and has previously pledged to cut 600 staff including a quarter of its management as part of its biggest overhaul in years.
Hogg did not mention financial compensation for passengers affected by the data leak.