Security News > 2020 > March > Cathay Pacific Airlines Fined Over Data Breach
The U.K. Information Commissioner's Office has fined Cathay Pacific Airways £500,000 over a data breach that exposed the personal information of 9.4 million customers, including 111,000 British citizens, during a four-year period.
A Cathay Pacific spokesman tells Information Security Media Group that the airlines cooperated with the ICO during the investigation and that it has taken steps over the last two years to improve its corporate security.
The breach of the Cathay Pacific systems started sometime in October 2014, when the attackers took advantage of an internet-facing server with known vulnerabilities and gained a foothold within the network, according to the report.
In March of 2018, Cathay Pacific security teams finally became suspicious of some of the activity within the corporate network when the airline's Active Directory was subject to a brute-force attack, which originated with an IT services provider that the company used, according to the report.
The fine issued against Cathay Pacific is the largest that the ICO could levy under the U.K. Data Protection Act of 1998, according to the report.
News URL
https://www.inforisktoday.com/cathay-pacific-airlines-fined-over-data-breach-a-13879
Related news
- French unemployment agency data breach impacts 43 million people (source)
- 43 million workers potentially affected in France Travail data breach (source)
- Fujitsu found malware on several systems, confirms data breach (source)
- Fujitsu found malware on IT systems, confirms data breach (source)
- Fujitsu finds malware on company systems, investigates possible data breach (source)
- Yacht retailer MarineMax discloses data breach after cyberattack (source)
- OWASP discloses data breach caused by wiki misconfiguration (source)
- AT&T faces lawsuits over data breach affecting 73 million customers (source)
- SurveyLama data breach exposes info of 4.4 million users (source)
- US cancer center data breach exposes info of 827,000 patients (source)