Hong Kong carrier Cathay Pacific has been fined HK$5 million ($645,000 approx.) by Britain's privacy watchdog over a huge data leak of more than nine million customers including passport numbers and credit card details.
The Information Commissioner's Office (ICO) said in a statement on March 4 that it has ordered the airline to pay 500,000 pounds for "failing to protect the security of its customers' personal data".
Between October 2014 and May 2019, a lack of security measures on the carrier's computer systems led to a massive data breach involving 9.4 million customers around the world, including 111,578 from the UK, according to the ICO.
"People rightly expect when they provide their personal details to a company, that those details will be kept secure to ensure they are protected from any potential harm or fraud," Steve Eckersley, ICO Director of Investigations said.
"That simply was not the case here." He added that multiple serious deficiencies they found "fell well below" standard and the airline failed to satisfy four out of five of the National Cyber Security Centre's basic guidance.
The Hong Kong-based airline in October 2018 admitted that about 860,000 passport numbers, 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers with no card verification value (CVV) were accessed.
Other compromised passenger data included nationalities, dates of birth, phone numbers, emails and physical addresses.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
