Data breaches and how to stop them

Amid mounting calls for a formal investigation into the massive data breaches at Cathay Pacific Airlines, Stratium Global Adviser Don Codling has warned the stolen information is a “dream scenario” for identity theft crime rings.

It has been revealed 9.4 million airline passengers had their personal details compromised when the information was stolen in March but the security breach was not made public until October.

World’s biggest data breaches

It’s the world’s biggest data breach and the latest in a string of attacks on airlines companies including British Airways and Delta Airlines. Cathay Pacific has declined to reveal how the data breach happened with the company making a statement saying no leaked personal information had been misused.

Cathay Pacific Data breach

Mr Codling, former FBI Special Agent and former chief of the FBI Cyber Division, said the breach is troubling “because of the extraordinary depth of information compromised, not only credit card details but passport information and a wealth of other specialised data”.

It is understood that names, nationalities, telephone numbers, dates of birth, email and physical addresses as well as identity card numbers, frequent flyer programs and historical travel information was obtained by hackers. Mr Codling said these type of breaches “further reinforce the necessity of wholistic database encryption and data base segmentation – not keeping credit card data in the same place as the passport data”.

Mr Codling said a top-notch incident response group should have been called in immediately – and it should not have taken six months to investigate given the size and critical nature of the stolen data.

“Consumers had ZERO chance to defend themselves for months, and credit monitoring does nothing to help proactively defend… it alerts you that you have a problem,” said Mr Codling.

Want more informative information like this? Become a corporate member to receive weekly newsletters and intelligence briefings.