Oct 24, 2018, 3:47 pm

FlyerTalk Forums Expert How-Tos and Guides

Last edit by: kaka

Cathay Pacific information site:
https://infosecurity.cathaypacific.com/en_HK.html

If you want to hold CX to legal standing for the loss of private data, the best shot would be using EU GDPR regulations:
What to write to DPO/CX ([email protected]) according to EU GDPR in very short... (ref #177)
(if CX is seen as a HK company, then EU GDPR would apply to all EU Citizen inc valid and expired (not renounced) BNO Holders; and if CX is seen managed by John Swire & Sons Ltd in the UK via Swire, then Data Protection Act 2018 (of UK) which includes GDPR would apply to EVERYONE)

ask for data that CX hold on you
highlight specifically which data was lost
(there's a few things you could ask them according to GPDR... refer to the website)

They have 1 month to respond or they will have to give you a reasonable timeframe where they have to respond by within the 1 month before you can go to ICO.

If you are seeking compensation from CX the loss of private data, the following sites are dealing with class action against CX (not a legal advise)

http://www.cathaydatabreach.com
http://www.classlawdc.com/2018/10/25/cathay-pacific-data-breach-class-action-investigation/

9.4 million passengers’ data stolen from CX

Reply Subscribe

Thread Tools

Search this Thread

Dec 14, 2018, 1:58 am

#226

Nicc HK

Join Date: Jan 2006

Programs: AAdvantage Asia Miles Air China

Posts: 870

Curious, seems to have gone quiet, any developments? Not seen anything on the newswires

kaka likes this.

Dec 14, 2018, 3:14 am

#227

blum81

Join Date: Mar 2012

Location: Vancouver, Manila, Singapore, Kuala Lumpur, Hong Kong

Programs: CX-DM, Marriott Gold, Fairmont Premier

Posts: 335

Quote:

Originally Posted by Cambo

Hahaha, Marriott/Starwood reported to have beaten CX by a huge margin. 500M accounts/bookings leaked........

yup... I got an email from Marriott. Ironically while staying at the Marriott Taipei.

I think we should place bets on which hotel chain or airline will be next lol.

kaka likes this.

Dec 14, 2018, 12:02 pm

#228

kaka

Suspended

Join Date: May 2006

Location: HKG

Programs: A3, TK *G; JL JGC; SPG,Hilton Gold

Posts: 9,952

Quote:

Originally Posted by Cambo

Hahaha, Marriott/Starwood reported to have beaten CX by a huge margin. 500M accounts/bookings leaked........

guess who was fishing for it

Dec 14, 2018, 12:31 pm

#229

Cambo

Join Date: Nov 2017

Programs: MPC-DM, Enrich-Plat

Posts: 1,310

Quote:

Originally Posted by kaka

guess who was fishing for it

I think gmail would be the biggest trophy. About everybody with an Android phone does have one or more gmail accounts.

Dec 27, 2018, 6:24 pm

#230

percysmith

Ambassador, Hong Kong and Macau

Join Date: May 2009

Location: HKG

Programs: Non-top tier Asia Miles member

Posts: 19,800

http://s.nextmedia.com/realtime/a.ph...342&a=59075764

Apple claims CX 9.4m --> TU leak --> card replace --> card theft from insecure residential mailbox

Dec 28, 2018, 2:57 am

#231

Cambo

Join Date: Nov 2017

Programs: MPC-DM, Enrich-Plat

Posts: 1,310

Quote:

Originally Posted by percysmith

http://s.nextmedia.com/realtime/a.ph...342&a=59075764

Apple claims CX 9.4m --> TU leak --> card replace --> card theft from insecure residential mailbox

I can't read the Chinese gibberish, though if your English summary does describe the reference, then I would say that blaming CX for theft from insecure mailboxes would be a very long stretch.

I am also surprised, cards don't seem to be blocked when in the mail and do have to be unblocked by the user, using a dial response phone system. At least, in Europe, this is more or less common.

And: I still did not hear ANYTHING about people whose credit card details were retrieved from CX, nor anybody reports identity theft, possibly due to the CX hack.
(Which again convinces me, this hack was a state-hack, to obtain phone/identity correlation info).

Dec 28, 2018, 3:20 am

#232

percysmith

Ambassador, Hong Kong and Macau

Join Date: May 2009

Location: HKG

Programs: Non-top tier Asia Miles member

Posts: 19,800

Quote:

Originally Posted by Cambo

I can't read the Chinese gibberish, though if your English summary does describe the reference, then I would say that blaming CX for theft from insecure mailboxes would be a very long stretch.

That's like blaming a computer owner for not patching software isn't it? Shouldn't have released buggy software in the first place.

However whether CX is the source of the info to pass Transunion is a stretch.

Jul 8, 2019, 2:39 am

#233

1010101

Join Date: Feb 2011

Posts: 5,797

BA just got hit by a HK$1.8 billion fine for their data loss. I wonder if the PCPD can/will do anything similar to CX.

Jul 8, 2019, 3:26 pm

#234

380Flyer

Suspended

Join Date: Aug 2010

Location: Vancouver

Programs: CX DM, SQ TPP, QF GO LIFE, OZ*G LIFE, Marriott TIT LIFE, WOH GLOBALIST LIFE, HH DM, BA GO LIFE

Posts: 598

Quote:

Originally Posted by 1010101

BA just got hit by a HK$1.8 billion fine for their data loss. I wonder if the PCPD can/will do anything similar to CX.

I highly doubt it since this was a fine imposed by the UK Information Commissioner's Office (ICO) where BA is based. HK laws and their commission do not have any powers to impose fines.

As for BA's fine, they will be fighting this with a tooth and nail so watch the space as this could set a precedent for other cases.

CS300 likes this.

Last edited by 380Flyer; Jul 8, 2019 at 3:32 pm

Jul 9, 2019, 12:27 am

#235

1010101

Join Date: Feb 2011

Posts: 5,797

Quote:

Originally Posted by 380Flyer

Thanks. I didn't know they couldn't impose fines. It makes me wonder what the point of them being there is, but it is HK.

BA have been made an example of as a deterrent to others, and there may well be significant penalties still to come from other ongoing court cases.

Jul 9, 2019, 4:53 am

#236

garykung

FlyerTalk Evangelist

Join Date: Aug 2009

Location: ZOA, SFO, HKG

Programs: UA 1K 0.9MM, Marriott Gold, HHonors Gold, Hertz PC, SBux Gold, TSA Pre✓

Posts: 13,811

Quote:

Originally Posted by 1010101

BA just got hit by a HK$1.8 billion fine for their data loss. I wonder if the PCPD can/will do anything similar to CX.

PCPD is weak. If you expect PCPD will do anything for you, it is more practical for you to sue CX at the Small Claims Tribunal - faster, cheaper, and effective.

Jul 9, 2019, 8:14 am

#237

plunet

Join Date: Jan 2016

Location: LON

Programs: BAEC

Posts: 3,916

In the UK the ICO is acting jointly for all the other EU data regulators, and when the actual final fine is agreed some of the spoils will get shared with other EU data regulators.

There is going to be a certain amount of headline grabbing on the BA one as the breach was the first 'big one' after the EU GDPR regulations came into effect.

Jul 9, 2019, 11:58 pm

#238

blum81

Join Date: Mar 2012

Location: Vancouver, Manila, Singapore, Kuala Lumpur, Hong Kong

Programs: CX-DM, Marriott Gold, Fairmont Premier

Posts: 335

2 months ago I had my credit card compromised. It's a card I really only use to book travel/pay for bills. Cathay, BA, Malaysia Airlines and Philippine Air are the airlines I used with the card.

Has anyone else had their credit cards compromised after the data leak?