Cathay Pacific took more than six months to come clean about a computer security breach affecting 9.4 million passengers. But under Hong Kong law, the airline does not even need to notify the authorities of a data breach. Photo: AFP Cathay Pacific took more than six months to come clean about a computer security breach affecting 9.4 million passengers. But under Hong Kong law, the airline does not even need to notify the authorities of a data breach. Photo: AFP
Cathay Pacific took more than six months to come clean about a computer security breach affecting 9.4 million passengers. But under Hong Kong law, the airline does not even need to notify the authorities of a data breach. Photo: AFP
Stuart Hargreaves
Opinion

Opinion

Stuart Hargreaves

The fact Cathay Pacific does not have to notify anyone of a data breach is unacceptable. The law must change

  • Stuart Hargreaves says it is inexcusable that Cathay took months to announce a security breach affecting millions. It’s about time Hong Kong updated its law
  • The government should enact an EU-style system, which requires that authorities are notified of any breach within 72 hours of it being discovered.

Cathay Pacific took more than six months to come clean about a computer security breach affecting 9.4 million passengers. But under Hong Kong law, the airline does not even need to notify the authorities of a data breach. Photo: AFP Cathay Pacific took more than six months to come clean about a computer security breach affecting 9.4 million passengers. But under Hong Kong law, the airline does not even need to notify the authorities of a data breach. Photo: AFP
Cathay Pacific took more than six months to come clean about a computer security breach affecting 9.4 million passengers. But under Hong Kong law, the airline does not even need to notify the authorities of a data breach. Photo: AFP
READ FULL ARTICLE