Signing up for credit cards through partner links earns us a commission. Here’s our full Advertising Policy.
Large companies suffering through hacks and data breaches is becoming the new norm. It’s one big reason why I prefer to use a credit card over a debit card. I understand and accept that huge, profitable companies are targets for cybercrime, and I can live with that. But what I don’t want to live with is those same companies trying to save face by covering up what happened!
Earlier this year British Airways came clean about a breach that happened only a day after it was discovered. But today the news broke that way back in March 2018, Cathay Pacific noticed “suspicious activity” and after an investigation, confirmed (in May!) there was a breach.
While 9.4 million accounts were affected, it looks like there were very few credit cards compromised.
Cathay Pacific has said that compromised data includes names of passengers, their nationalities, dates of birth, telephone numbers, addresses (email and snail-mail), and historical travel information, along with the following:
- 860,000 Passport numbers
- 245,000 Hong Kong identity cards
- 403 expired credit card numbers
- 27 credit card numbers with no CVV (security code)
They have said that no passwords were stolen and that they have reached out to those impacted by the hack. They claim there is no evidence any personal information gained in the attack has been misused.
I’m not sure what would qualify as evidence that any information was misused (or how you would go about finding it). But regardless, I would take what they say with a grain of salt because this is the same organization that waited ~5 months to tell us what happened.
I have a Cathay Pacific account and flew with them back in May (using Alaska Airlines miles). So I’ll be keeping a close eye on my credit report, even though I haven’t been notified that my information was affected.
While you’re here, subscribe to our newsletter so you don’t miss the important travel news!
Hat tip: God Save the Points