為達最佳瀏覽效果,建議使用 Chrome、Firefox 或 Microsoft Edge 的瀏覽器。

請至Edge官網下載 請至FireFox官網下載 請至Google官網下載
晴時多雲

限制級
您即將進入之新聞內容 需滿18歲 方可瀏覽。
根據「電腦網路內容分級處理辦法」修正條文第六條第三款規定,已於網站首頁或各該限制級網頁,依台灣網站分級推廣基金會規定作標示。 台灣網站分級推廣基金會(TICRF)網站:http://www.ticrf.org.tw

《TAIPEI TIMES》 Cathay Pacific slammed over data leak delay

A Cathay Pacific passenger jet takes off from Hong Kong International Airport on Monday.
Photo: AFP

A Cathay Pacific passenger jet takes off from Hong Kong International Airport on Monday. Photo: AFP

2018/10/26 03:00

NOT ENOUGH: While the company said there was no evidence that any of the data had been misused, lawmakers asked how it could prove that was true

/ AFP, HONG KONG

Cathay Pacific came under pressure yesterday to explain why it had taken five months to admit it had been hacked and compromised the data of 9.4 million customers, including passport numbers and credit card details.

The airline on Wednesday said it had discovered suspicious activity on its network in March and confirmed unauthorized access to certain personal data in early May.

However, chief customer and commercial officer Paul Loo (盧家培) said officials wanted to have an accurate grasp on the situation before making an announcement and did not wish to “create unnecessary panic.”

News of the leak sent shares in Cathay, which was already under pressure as it struggles for customers, plunging yesterday to more than 6 percent to a nine-year low in Hong Kong trading.

Local politicians slammed the carrier, saying its response had only fueled worries.

“Whether the panic is necessary or not is not for them to decide, it is for the victim to decide. This is not a good explanation at all to justify the delay,” Legislator Charles Mok (莫乃光) said.

Legislator Elizabeth Quat (葛珮帆) said the delay was “unacceptable,” as it meant customers missed five months of opportunities to take steps to safeguard their personal data.

The airline admitted about 860,000 passport numbers, 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers with no card verification value were accessed.

Other compromised passenger data included nationalities, dates of births, telephone numbers, e-mail and physical addresses.

“We have no evidence that any personal data has been misused. No one’s travel or loyalty profile was accessed in full, and no passwords were compromised,” chief executive Rupert Hogg said in a statement on Wednesday.

However, Mok said the public needs to know how the company can prove that was the case.

“Such a statement doesn’t give people absolute confidence that we are completely safe, and it doesn’t mean that some of this data would not be misused later,” Mok said.

He also pointed out that the EU’s new General Data Protection Regulation says any such breach should be reported within 72 hours.

Hong Kong Privacy Commissioner for Personal Data Stephen Wong (黃繼兒) yesterday voiced “serious concern” over the breach.

He said his office would initiate a compliance check with the airline.

Cathay said it had launched an investigation and alerted the police after an ongoing IT operation revealed unauthorized access of systems containing the passenger data.

The company is in the process of contacting affected passengers and providing them with solutions to protect themselves, airline officials said.

新聞來源:TAIPEI TIMES

不用抽 不用搶 現在用APP看新聞 保證天天中獎  點我下載APP  按我看活動辦法

焦點今日熱門
看更多!請加入自由時報粉絲團

網友回應

載入中
此網頁已閒置超過5分鐘,請點擊透明黑底或右下角 X 鈕。