Last week on October 24, 2018, the Hong Kong-based carrier Cathay Pacific announced that their IT system got hacked earlier this year. The breach happened in March of 2018, right when I went on a trip with Cathay Pacific to Hong Kong. Immediate actions were taken to contain the event and in early May the unauthorized access to personal data was confirmed and millions of passengers are affected.
However, Cathay Pacific made this even public just a week ago. Which is about 5 months after the event occurred. So what was stolen?
The following personal information was accessed during the breach
- name
- nationality
- date of birth
- phone number
- address
- passport number
- frequent flyer programme membership number
- customer service remarks
- historical travel information
- credit card numbers (403 expired numbers and 27 valid numbers with no CVV)
According to their statement of October 24, 2018. The accessed date for each passenger was different and Cathay will contact the affected passengers and letting them know which data was accessed. Further on the release states that no passengers loyalty profile was accessed in full and that no passwords were compromised. In an additional statement, Cathay informed that only a handful of credit card numbers were accessed and Cathay will contact them separately about this issue.
To stay up to date with the information about the breach, check this website regularly: https://infosecurity.cathaypacific.com/
Check your email account, which you used to sign up for an account with Cathay Pacific and check your inbox and spam folders for emails from infosecurity@cathaypacific.com. Double check the exact spelling of the email, as scammers might use this event to steal your personal data. Never reply to an email with your credit card information, personal information or your account password. If you get asked for either one it is a scam and you should delete it immediately.
If you are affected, Cathay will send you an email which also has an activation code for a 12-month free subscription Experian IdentityWorks identity protection. You will get this service free of charge no matter if your credit card information was compromised or not.
I received an email on Saturday (October 27, 2018) that my title, name, and address were compromised during the hack. The email also included the above-mentioned activation code for Experian IdentityWorks.
Have you been affected?
Peter has a passion for Traveling, Photography, and Geocaching. These are the best ingredients for amazing adventures all over the globe. “Traveling is fun, no matter if you stay in a luxury hotel or travel like a backpacker.” Peter shares his experiences on his Blog www.gatetoadventures.com
Some of Peter’s photos are published on corporate websites, in-flight magazines, travel guides, and much more.