Cathay Pacific data leak: what can customers affected do to protect personal data and get redress?
- Customers should be vigilant in monitoring possible misuse of data and enable two-factor notification
- Companies may have to ultimately submit to stricter regulations governing data and revise their existing security measures
A week after Cathay Pacific Airways announced that personal information of 9.4 million customers had been leaked in a data breach in March, the public continues to wait to learn more about the cause.
Police and the privacy watchdog have launched investigations into the belated disclosure but, for the consumers who learned their information had been compromised, questions remain about how best to act and who to turn to for help.
1. What steps can individuals take to protect personal data that has been leaked?
Unlike credit card information which can be easily cancelled, some data compromised in the Cathay breach is permanent, like name and address, or information that typically would not be reissued with a new identification number, like the Hong Kong identification card.
For such data, the best policy is to be vigilant in monitoring points where it could be misused, personal data security experts said, urging consumers to scrutinise financial statements and enable two-factor identification on accounts.