Cathay Pacific data breach: 9.4 million passenger information at risk

If you are not a frequent flyer Cathay Pacific airlines might not be all that well known to you. It is nonetheless one of the major international airliners out of Hong Kong – and they just reported a huge data breach.

What happened?

Cathay Pacific airlines announced that they were breached and the data of up to 9.4 million passengers was exposed. The breach was discovered in March and confirmed in May.

According to their page the following types of personal data were accessed: passenger name; nationality; date of birth; phone number; email; address; passport number; identity card number; frequent flyer program membership number; customer service remarks; and historical travel information. On top of that 403 expired credit card numbers and  27 credit card numbers with no CVV were accessed.

What to do?

Cathay Pacific airlines states that no-one’s travel or loyalty profile was accessed in full and no passwords were compromised. They claim further that there is no evidence of misuse – though how they would even be able to verify that is pretty much unclear.

No matter if any data was misused or not – the Cathay Pacific airlines breach is not the first one this year (nor will it probably be the last one).  Every new breach poses big risks for the account owners. There is some advice that can help to mitigate the risks though:

  •  Make sure your passwords are as safe as possible
  • Use a mix of upper- and lower-cases, numbers, and special characters
  • Change your passwords regularly
  • Don’t reuse passwords: Use a unique password for each of your accounts

While all this is very sensitive, especially the last tip is not necessarily easy to achieve if you have accounts on a million websites. How can you remember them all? Write them down on a sticky note? Come up with some crazy mnemonics? Sure, those are all things you could theoretically do. But it also means lots of work.

There is a solution though that can’t be mentioned often enough: use a password manager like the recently updated Avira one. It automatically generates complex passwords and keeps them safe for you.

This post is also available in: German

PR & Social Media Manager @ Avira |Gamer. Geek. Tech addict.