Cathay Pacific Hit with Fine for Long-Lasting Breach

The breach, which was active for four years, resulted in the theft of personal information on more than 9 million people.

The UKs Information Commissioners Office (ICO) has fined airline Cathay Pacific £500,000 — with a 20% discount to £400,000 if the penalty is paid by March 12 — for basic security inadequacies in a four-year data breach that lasted from 2014 until 2018.
As a result of the breach, the personal data of 9.4 million people was stolen. The stolen information included names, nationalities, dates of birth, phone numbers, email addresses, mailing addresses, passport details, frequent flier numbers, and travel histories.
Among the criticisms levied against Cathay Pacific is that it took months after the breach was found for the airline to notify regulators, a delay the company blamed on the need to fully understand the breach. Other security inadequacies noted in the order for the fine include failure to encrypt database backups containing personal data, failure to patch an Internet-facing server against a 10-year-old vulnerability, and using past-end-of-life operating systems on servers.
For more, read
here
.
Check out
The Edge
, Dark Readings new section for features, threat data, and in-depth perspectives. Todays featured story:
With New SOL4Ce Lab, Purdue U. and DoE Set Sights on National Security
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Cathay Pacific Hit with Fine for Long-Lasting Breach