DPO.Business News and Blogs

Home ⛾ News Club Contact ☎

Contact us...

☎ +44 (0) 208 133 0242

Subscribe for monthly industry news:

25 October 2018

One month after misspelling their company name on the side of a plane, Cathay Pacific has announced that personal data of up to 9.4 million passenges has been lost. The share price dropped 6% on the day.

Cathay Pacific Data Breach

In a statement, Cathay Pacific said compromised data includes "passenger name; nationality; date of birth; phone number; email; address; passport number; identity card number; frequent flyer programme membership number; customer service remarks; and historical travel information. In addition, 403 expired credit card numbers were accessed. Twenty-seven credit card numbers with no CVV were accessed. The combination of data accessed varies for each affected passenger."

The data could be of considerable value to fraudsters.

The breach comes just over a month since British Airways had payment data from 380,000 customers hacked.

We think they could have done with data protection advisory services from DataGRC and the Data Sentinel online Data Protection training, Records Management and Compliance Assessment tools.

See the best data protection, privacy and security news...

181130 Marriott data breach - 500m customers
181126 ICO fines Uber £385k; Dutch fine them £532k
181029 Portugal fines hospital £400k
181026 DataGRC article for CILEX (lawyer regulator) - GDPR update
181025 BA security breach update 185k avios reward users
181025 Security Breach Cathay Pacific 9.5m Passengers
181024 ICO DPA'98 fines Facebook £500k
181022 High Court holds morrisons liable for data breach.
181009 ICO PECR fine Boost (findmeafuneralplan.com) £90k
181008 ICO DPA'98 fine HAL £120k
181002 ICO PECR unfine STS Commercial £60k
181001 ICO PECR fine Oaklands Assist £60k
181001 FCA fine Tesco Bank £16.4m
180928 ICO DPA'98 fine BUPA £175k
180928 ICO DPA'98 fine Equifax £500k
180907 British Airways data breach 380,000 customers
181030 DataGRC GDPR article for EyeForTravel - 3 tips for managing data breaches
180427 DataGRC article for CILEX (lawyer regulator) - GDPR overview
180322 DataGRC GDPR article for EyeForTravel - 10 practical recommendations

Add a comment or a question...

Articles made publically available on this website are general information and should never be mistaken for formal or legal advice. If you are seeking formal advice for your specific requirements, please contact our advisory team using the form above.