Personal data of 9.4 million passengers of Cathay Pacific and subsidiary leaked, airlines say – SCMP

What happened: Hong Kong flag carrier Cathay Pacific and a regional subsidiary have disclosed that over nine million of their passengers had their personal data compromised in March. The breach involved data from travelers on the carrier as well as Hong Kong Dragon Airlines. Compromised information includes passengers’ names, nationalities, dates of birth, phone numbers, emails, physical addresses, passport numbers, and ID card numbers.

Why it’s important: While Hong Kong has no requirements for reporting data breaches, the EU’s General Data Protection Regulation regulations state that incidents like these should be reported within 72 hours. Failure to do so could result in fines of up to 4% of the responsible company’s annual income. Hong Kong privacy chief Stephen Wong Kai-yi slammed the company saying it hadn’t fulfilled its moral responsibility. He said that in light of recent events, he would be looking into amending the rules to ensure quicker reporting of incidents like these.

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

Yearly Membership

What you get

Full access to all premium content and our full archives

Members'-only newsletters

Preferential access and discounts to all TechNode events

Direct access to the TechNode newsroom

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

Yearly Membership

Chris Udemans

Christopher Udemans is a Shanghai-based data and graphics reporter. He covers Chinese artificial intelligence, mobility, and cybersecurity. You can contact him at chrisudemans [at] technode [dot] com.