Personal data of 9.4 million passengers of Cathay Pacific and subsidiary leaked, airlines say
- Information consists of passengers’ names, nationalities, dates of birth, identity card numbers and historical travel details
- Suspicious activity detected in March, prompting a cybersecurity investigation – but IT lawmaker questions why carrier waited till now to disclose breach
The personal data of 9.4 million passengers was leaked earlier this year, Cathay Pacific Airways and its subsidiary Hong Kong Dragon Airlines disclosed in a statement late on Wednesday night.
The city’s flagship carrier said it had discovered unauthorised access to some of the passenger data it managed and that of its wholly owned subsidiary, which operates under the Cathay Dragon brand.
The compromised data included passengers’ names, nationalities, dates of birth, telephone numbers, emails, physical addresses, passport numbers, identity card numbers, frequent flier programme membership numbers, customer service remarks and travel history.
In addition, about 860,000 passport numbers and 245,000 Hong Kong identity card numbers were accessed without authorisation.
