On Wednesday night, the top two executives at the Hong Kong carrier Cathay Pacific apologized on behalf of their firm, because it witnessed the world’s biggest airline hack which resulted in millions of customers’ data being compromised upon, but the hack was denied with the hope of covering up.
The CEO and chairman of the firm said- “This crisis was one of the most serious ones in the embattled firm’s history and we would act in a better and responsible way if a similar situation occurs in the future.”
The pair from the firm were summoned to the city’s legislative council wherein they were asked to explain to the lawmakers about why it took them five months to accept that the firm had been hacked and the data of about 9.4 million customers had been compromised. This data compromised included critical information of users such as passport numbers and credit card details.
Lawmakers slammed the delay on the firm’s part as a “blatant attempt” of trying to cover up the incident and consequently depriving their customers of months of opportunities which could have been used to safeguard their personal data, which was compromised due to the data breach.
John Slosar, the Chairman said: “I’d like to make it absolutely clear that there was never any attempt to cover anything up. I see it as one of the most serious crises that our airline has ever faced.”
In a statement to the LegCo, Slosar said thus- “I must personally apologise directly to you and the people of Hong Kong.”
It came as a shock to people that the breach was a result of a sustained cyber attack for three months.
In March itself, the airline had discovered various suspicious activity on its network and this was confirmed as unauthorized access that tried accessing personal data of users in the month of May. This was not put out to the public until October 24.
The CEO of the airlines, Rupert Hogg explained that the company required some time to establish and interpret the nature of attacks, understand the problem and identify stolen data, but also added that they “did regret the length of time” it took to work down on the process.
Hogg said thus- “We’ve learned a lot of lessons from trying to do what we believe was right, which was to get accurate information about our customers, make sure that we knew what information pertained to them. We would do it a different way tomorrow indeed.”
One of the lawmakers, Kwok Ka-ki questioned Slosar on whether Cathay would report of a data breach, if it occurs again in the future, to its customers immediately, Slosar readily said- “We will report instantly, yes.”
Slosar also added that the data breach issue was of public interest but the information which was hacked was not material or price sensitive.
The airline also said that it has contacted the customers who have been affected by this data breach, but hasn’t really mentioned any details regarding the financial compensation and the possible costs which might pop up due to this data breach.
Apart from all this, Cathay is already battling major losses which occurred due to high-pressure from the low-cost Chinese carriers and Middle East rivals.
The first back-to-back annual loss of Cathay was reported in March and this happened in its seven-decade history for the first time. As a result, Cathay decided to cut 600 staff which included a quarter of its management, because it considered that over hiring resulted in this overhaul.