Oct 24, 2018, 3:47 pm
Last edit by: kaka
Cathay Pacific information site:
https://infosecurity.cathaypacific.com/en_HK.html
If you want to hold CX to legal standing for the loss of private data, the best shot would be using EU GDPR regulations:
What to write to DPO/CX ([email protected]) according to EU GDPR in very short... (ref #177)
(if CX is seen as a HK company, then EU GDPR would apply to all EU Citizen inc valid and expired (not renounced) BNO Holders; and if CX is seen managed by John Swire & Sons Ltd in the UK via Swire, then Data Protection Act 2018 (of UK) which includes GDPR would apply to EVERYONE)
https://infosecurity.cathaypacific.com/en_HK.html
If you want to hold CX to legal standing for the loss of private data, the best shot would be using EU GDPR regulations:
What to write to DPO/CX ([email protected]) according to EU GDPR in very short... (ref #177)
(if CX is seen as a HK company, then EU GDPR would apply to all EU Citizen inc valid and expired (not renounced) BNO Holders; and if CX is seen managed by John Swire & Sons Ltd in the UK via Swire, then Data Protection Act 2018 (of UK) which includes GDPR would apply to EVERYONE)
- ask for data that CX hold on you
- highlight specifically which data was lost
(there's a few things you could ask them according to GPDR... refer to the website)
They have 1 month to respond or they will have to give you a reasonable timeframe where they have to respond by within the 1 month before you can go to ICO.
If you are seeking compensation from CX the loss of private data, the following sites are dealing with class action against CX (not a legal advise)
If you are seeking compensation from CX the loss of private data, the following sites are dealing with class action against CX (not a legal advise)
- http://www.cathaydatabreach.com
- http://www.classlawdc.com/2018/10/25/cathay-pacific-data-breach-class-action-investigation/
9.4 million passengers’ data stolen from CX
Oct 25, 2018, 12:41 am
#31
Ambassador, Hong Kong and Macau
Join Date: May 2009
Location: HKG
Programs: Non-top tier Asia Miles member
Posts: 19,800
Oct 25, 2018, 12:44 am
#32
Join Date: Jan 2006
Programs: AAdvantage Asia Miles Air China
Posts: 870
Oct 25, 2018, 1:11 am
#33
Join Date: Jun 2015
Location: Jakarta
Programs: Flying Blue, Marco Polo, Skywards, Etihad Guest, IHG, Aeroplan
Posts: 269
May well be worth FT members collaborating once more information becomes available.
Last edited by rienhart87; Oct 25, 2018 at 1:12 am Reason: fix quote
Oct 25, 2018, 1:36 am
#34
Join Date: Mar 2012
Location: Vancouver, Manila, Singapore, Kuala Lumpur, Hong Kong
Programs: CX-DM, Marriott Gold, Fairmont Premier
Posts: 335
I hold a Canada passport but have mailing addresses in both Malaysia and Canada.
Either way i'm in for collaborating if I qualify
Oct 25, 2018, 1:37 am
#35
Join Date: Sep 2011
Location: MNL
Programs: CX MPO DM, Le Club Accor Platinum, World of Hyatt Explorist
Posts: 2,284
I believe what Cathay is saying is that nobody has had their full profile taken. It's more bits of data taken. Like a few numbers of a passport and half an email address. At any rate, visit infosecurity.cathaypacific.com if concerned. The good thing is that CX, unlike BA, has a coordinated response to the threat. I had to cancel two credit cards with the BA thing.
- Address
- Date of Birth
- Name
- Nationality
- Telephone Number
- Title
- Travel Document Number
a friend of mine got the following
- Date of Birth
- Email Address
- HKID Number
- Name
- Nationality
- Permit Number
- Telephone Number
- Title
- Travel Document Number
That's a lot of info....
Oct 25, 2018, 1:45 am
#36
Join Date: Sep 2011
Location: MNL
Programs: CX MPO DM, Le Club Accor Platinum, World of Hyatt Explorist
Posts: 2,284
Oct 25, 2018, 1:53 am
#37
Join Date: Mar 2012
Location: Vancouver, Manila, Singapore, Kuala Lumpur, Hong Kong
Programs: CX-DM, Marriott Gold, Fairmont Premier
Posts: 335
Here's the information taken from me,
a friend of mine got the following
That's a lot of info....
- Address
- Date of Birth
- Name
- Nationality
- Telephone Number
- Title
- Travel Document Number
a friend of mine got the following
- Date of Birth
- Email Address
- HKID Number
- Name
- Nationality
- Permit Number
- Telephone Number
- Title
- Travel Document Number
That's a lot of info....
Here's what I got.
- Address
- Date of Birth
- Email Address
- Name
- Nationality
- Telephone Number
- Title
Oct 25, 2018, 2:04 am
#38
Join Date: Jun 2013
Programs: CX DM/OWE, Marriott Titanium, Avis Preferred, National EE
Posts: 128
What happened?
As part of our ongoing IT security processes, we discovered unauthorised access to some of our passenger data.
We initially discovered suspicious activity on our network in March this year. Upon discovery, we took immediate action to contain the event, to commence a thorough investigation with the assistance of a leading cybersecurity firm, and to further strengthen our IT security measures. Unauthorised access to certain personal data was confirmed in early May. Since that time, analysis of the data has continued in order to identify affected individuals and to determine whether the data at issue could be reconstructed.
We have no evidence that any personal data has been misused. We recommend that you follow the steps outlined in this notice to help protect yourself against potential risks.
What information was involved?
The following types of personal data about you were accessed:
As part of our ongoing IT security processes, we discovered unauthorised access to some of our passenger data.
We initially discovered suspicious activity on our network in March this year. Upon discovery, we took immediate action to contain the event, to commence a thorough investigation with the assistance of a leading cybersecurity firm, and to further strengthen our IT security measures. Unauthorised access to certain personal data was confirmed in early May. Since that time, analysis of the data has continued in order to identify affected individuals and to determine whether the data at issue could be reconstructed.
We have no evidence that any personal data has been misused. We recommend that you follow the steps outlined in this notice to help protect yourself against potential risks.
What information was involved?
The following types of personal data about you were accessed:
- Date of Birth
- Email Address
- Name
- Nationality
- Telephone Number
- Title
- Travel Document Number
Oct 25, 2018, 2:09 am
#40
Join Date: Sep 2011
Location: MNL
Programs: CX MPO DM, Le Club Accor Platinum, World of Hyatt Explorist
Posts: 2,284
Oct 25, 2018, 2:09 am
#41
Join Date: Mar 2012
Location: Vancouver, Manila, Singapore, Kuala Lumpur, Hong Kong
Programs: CX-DM, Marriott Gold, Fairmont Premier
Posts: 335
What MP status are you?
My wife is at gold and parents are at silver but neither of them received the email.
Wonder if they are they really sending emails out according to MP levels? lol.
Oct 25, 2018, 2:11 am
#42
Suspended
Join Date: May 2006
Location: HKG
Programs: A3, TK *G; JL JGC; SPG,Hilton Gold
Posts: 9,952
Oct 25, 2018, 2:14 am
#44
Join Date: Jan 2007
Location: YYZ
Programs: CX GO, AC Aeroplan 25K, AMEX PLAT, Hilton Diamond, Marriott Titanium, IHG Spire Amb
Posts: 464
Same here. I am GO and my parents are GR and none of us have received the email. I find it hard to believe that we are not part of the 9.4million passengers. So probably they are actually sending the emails by status. The CX website does mention that they are sending the emails in the coming days.
Any non-DM have received the emails?
Any non-DM have received the emails?
Oct 25, 2018, 2:20 am
#45
Join Date: Apr 2012
Location: Hong Kong SAR
Programs: JL Diamond, CX Gold, HH Gold
Posts: 271