Sunday, February 28, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Cathay Pacific hit with £500,000 fine for customer data breach

March 5, 2020
in Internet Security
Cathay Pacific hit with £500,000 fine for customer data breach
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Why only one in three organizations are GDPR compliant — and the risks they’re facing as a result
ZDNet’s Danny Palmer tells Karen Roby that over a year after coming into force, these three things are still causing trouble for organizations. Read more: https://zd.net/2nxbLDO

International airline Cathay Pacific has been issued with a £500,000 fine for failing to secure the personal data of its customers.

You might also like

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

Cybercrime groups are selling their hacking skills. Some countries are buying

Why would you ever trust Amazon’s Alexa after this?

The Information Commissioner’s Office (ICO) said that, between October 2014 and May 2018 Cathay Pacific’s computer systems lacked appropriate security measures which led to customers’ personal details being exposed, 111,578 of whom were from the UK, and around 9.4 million more worldwide. The airline’s failure to secure its systems resulted in the unauthorised access to their passengers’ personal details including: names, passport and identity details, dates of birth, postal and email addresses, phone numbers and historical travel information, the ICO said, issuing the fine.

An investigation by the data protection authority found ‘a catalogue of errors’ in how the airline handled cybersecurity which resulted in the breach – which had been ongoing since at least October 2014 – not being uncovered and disclosed until May 2018.

The ICO said the attack was able to take place because back-ups were not password protected or encrypted, internet-facing servers were left unpatched despite a known vulnerability, the use of an unsupported operating system and inadequate anti-virus protection.

A lack of a software patching management strategy and users being able to remotely access systems without any sort of multi-factor authentication have also been criticised.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

Cathay Pacific only became aware of suspicious activity in March 2018 – three and a half years after the initial breach – after the database became victim of a brute-force attack as hackers tried to access additional areas by attempting to guess passwords.

Following this, a cybersecurity company was brought in to investigate the attack and the incident was referred to the ICO.

“People rightly expect when they provide their personal details to a company, that those details will be kept secure to ensure they are protected from any potential harm or fraud. That simply was not the case here,” said Steve Eckersley, ICO director of investigations.

“This breach was particularly concerning given the number of basic security inadequacies across Cathay Pacific’s system, which gave easy access to the hackers. The multiple serious deficiencies we found fell well below the standard expected,” he added.

As a result of the failures, the ICO has issued a Cathay Pacific with a fine of £500,000 – the maximum figure possible under the Data Protection Act 1998.

“The company would once again like to express its regret, and to sincerely apologise for this incident,” said a statement from Cathay Pacific.

“Substantial amounts have been spent on IT infrastructure and security over the past three years and investment in these areas will continue,” the airline added.

The Cathay Pacific data breach occurred before GDPR came into force in May 2018 which introduced significantly higher financial penalties for security breaches.

READ MORE ON CYBERSECURITY

Credit: Zdnet

Previous Post

Top 10 Most Innovative Cybersecurity Companies After RSA 2020

Next Post

Email martech consolidation shows just how important deliverability is

Related Posts

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit
Internet Security

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

February 28, 2021
Cybercrime groups are selling their hacking skills. Some countries are buying
Internet Security

Cybercrime groups are selling their hacking skills. Some countries are buying

February 28, 2021
Why would you ever trust Amazon’s Alexa after this?
Internet Security

Why would you ever trust Amazon’s Alexa after this?

February 28, 2021
Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers
Internet Security

Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers

February 27, 2021
Oxford University lab with COVID-19 research links targeted by hackers
Internet Security

Oxford University lab with COVID-19 research links targeted by hackers

February 27, 2021
Next Post
Email martech consolidation shows just how important deliverability is

Email martech consolidation shows just how important deliverability is

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit
Internet Security

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

February 28, 2021
Machine Learning as a Service (MLaaS) Market 2020 Emerging Trend and Advancement Outlook 2025
Machine Learning

Key Company Profile, Production Revenue, Product Picture and Specifications 2025

February 28, 2021
Cybercrime groups are selling their hacking skills. Some countries are buying
Internet Security

Cybercrime groups are selling their hacking skills. Some countries are buying

February 28, 2021
New AI Machine Learning Reduces Mental Health Misdiagnosis
Machine Learning

Machine Learning May Reduce Mental Health Misdiagnosis

February 28, 2021
Why would you ever trust Amazon’s Alexa after this?
Internet Security

Why would you ever trust Amazon’s Alexa after this?

February 28, 2021
AI & ML Are Not Same. Here's Why – Analytics India Magazine
Machine Learning

AI & ML Are Not Same. Here's Why – Analytics India Magazine

February 27, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit February 28, 2021
  • Key Company Profile, Production Revenue, Product Picture and Specifications 2025 February 28, 2021
  • Cybercrime groups are selling their hacking skills. Some countries are buying February 28, 2021
  • Machine Learning May Reduce Mental Health Misdiagnosis February 28, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates