The View | Why Cathay Pacific’s handling of its data breach deserves praise – honesty is better than silence
- Richard Harris says the aviation giant is just one of a long list of companies preyed on by hackers but it responded with greater thoroughness and transparency
- With data breaches having become the norm, making sure that leaked information is not used illegally or immorally is a collective responsibility
I do not have to act as an apologist for Cathay Pacific; goodness knows, I have paid enough money to them over the years. But look at the evidence. Your personal data is highly available – look down, your mobile number is already a global identity card.
There is a huge amount of data collected unnecessarily and for trivial reasons. By allowing Google access to your location to find you a nearby restaurant, you send your valuable location data to servers worldwide.
I went to a conference last week whose attendees were mostly much younger than I. Call me old-fashioned, but I expected in the traditional way to be able to buy a ticket at the door as well as on the internet. It took 20 minutes – of nearing the limit of my will to live – for the helpful ticket seller to insert my title, name, address, telephone number, credit card details, and inside leg measurement into the machine, checking each item with inscrutable thoroughness. I have no idea why they needed so much information but I impatiently surrendered. Could I have said no?
Cathay’s delay of seven months in revealing the loss seems excessive. Then again, within hours I received an email stating that my name, Hong Kong ID, nationality, phone number and title had been leaked – little more information than you can retrieve from this article. Others had more clone-able material stolen, like their birthday, email address and travel document number. But is speed really more important than careful investigation when the hackers can move at the speed of light? I felt peace of mind in knowing the full limit of the breach soon after the announcement.