Hong Kong-based airline provider, Cathay Pacific is the latest in the long line of big corporations to be caught up in data breach issues. Previously, we reported on Facebook having data security issues, and this time it’s with an airline provider. The breach has hit Cathay Pacific hard, as their market value has dropped USD320 million (~RM1.3 billion) since news of it broke.
Founded in 1946, Cathay Pacific rose to fame in the 1960s and 1970s by being the premier Asia Pacific airline to fly between Asian nations. Since then, it has been attempting to claw its way back to profits in an increasingly crowded airline market. It has had to compete among Chinese and Middle Eastern airlines that offer direct flights, without transit via Hong Kong. Cathay Pacific did not join the low budget domestic airline crowd and as such, has had to compete in the international-only market.
The breach represents a major trust issue for Cathay’s customers as personal information was leaked and could be misused by nefarious entities. Information such as names, nationalities, birth dates, telephone numbers, emails, physical addresses, passport numbers, identity numbers, frequent flyer miles and travel history.
Customers affected by the Cathay Pacific breach are now mulling legal actions against the airline. Due to the diverse nature of customers affected by the data loss, multiple avenues of approach are available, depending on where the customers originate. Those originating from the European Union, will seek damages via the General Data Protection Regulation (GDPR). Despite the GDPR coming into effect on May 25th, Cathay only confirmed the data loss after that thus, the GDPR does apply.
Other customers who were interviewed felt their bargaining power as ordinary citizens was limited, and that group collective action would be required, but only if the governments themselves did not act against the airline.
In a related story, British Airways was also revealed to have lost customer data. Their data hack however was limited (although no less damaging) to credit card details of up to 429,000 users. The Cathay Pacific hack was only about 30 users. British Airways quickly responded that they would reimburse any customer who suffered financial loss as a direct result of the data breach.
“This is quite shocking,” said Shukor Yusof, founder of aviation consulting firm Endau Analytics in Malaysia. “It’s probably the biggest breach of information in the aviation sector.”