The ICO, the equivalent institution of the CNIL in Great Britain, fined Cathay Pacific 500,000 pounds.
The cause for such a large sum is due to a leak of data from its information system. A leak that exposed more than 9.4 million of its customers. According to the English personal data gendarmes, the airline's information system was poorly secured, in turn the data it contained. This facilitated access to hackers who took advantage of their use.
This article will also interest you: The security of personal data managed by airports
According to the ICO (Information Commissioner's Office ) said on Monday, that nearly 111,578 British customers affected by a leak and more than 9.4 million people, people part of the customer service of the Hong Kong airline agency Cathay Pacific. The English institution is formal on the matter: the airline is 100% at fault for not having made sufficient arrangements to secure its customers' data. This negligence of the company has allowed hackers to have access to several information that may later prove very unwelcome to people concerned. The safety program used by the airline was not adapted to the protection requirements for such a system. "When providing personal information to a company, people rightly expect their data to be secure. That was not the case at all in this case," said Steve Eckersley, the ICO's head of investigations.
It is remembered that already in 2018 precisely during the month of October, the same airline had already announced a data leak from its system, after an intrusion unauthorized persons' computer. This had encouraged the compromise of a number of personal information to enable not only identify the victims and also engage targeted hacking campaigns. One of the things we were talking about was the information identification such as names and surnames, identifiers relating to passports and other biometric identities, postal addresses and electronic phone numbers dates of birth and history travel. More than 430 numbers linked to credits.
When questioned, the company Hong Konger has not denied the flaws inherent in its management of its personal data of its customers. That's why publicly announced that it had "closely cooperated with the ICO and other competent authorities" and made every effort to improve its computer security since the accident.
As a reminder, it should not be forgotten that this is not the first airline to be sanctioned by the British institution of personal data. Indeed, in 2019 precisely during the month of July it had felt the British Airways to pay the 183 million pounds. and this for the reasons that we already know that boils down to the poor protection of the personal data of its customers. "People's personal data must remain so," said Elizabeth Denham, ICO Commissioner.
Now access an unlimited number of passwords: