Cathay Pacific Airways Ltd., which is under fire for the world’s biggest airline data breach, said the sophisticated attacks lasted months as it took steps to shield its exposed computer network.
The attacks were most intense March through May and continued, Asia’s biggest airline said Monday in a written submission to Hong Kong’s legislature before a panel hearing this week. Although the number of successful attacks diminished, concerns remain “new attacks could be mounted,” the city-based airline said, apologizing to passengers for the incident.
Commenting on Cathay Pacific’s situation, Ilia Kolochenko, CEO and founder of web security company High-Tech Bridge, said:
“Unfortunately, many large organizations, including Western multinationals and even governments, are susceptible to the same risks of tremendous data breaches. Worse, many data breaches that are capable of outshining Cathay’s attack, have not been discovered and will likely never be. Very few sophisticated attacks expose stolen data or otherwise give indicators that a breach has occurred. Cybercriminals are specially paid to meticulously cover their intrusions and conduct the attacks in a stealth mode. Gigabytes of intellectual property, PII and financial data are stolen every day without being noticed, and then discreetly used by cybercriminals and their “clients”.
Talking about Cathay, “no evidence of misuse” practically means nothing. Worse, it may mean that someone very smart is exploiting the data in an untrivial way, and probably very detrimental for the victims. Moreover, the stolen data can appear for sale on the Black market at any time. Taking into consideration the gravity of the breach, customers of Cathay will likely have no reliable recourse apart from promptly changing all their credit cards and IDs. Cathay may face numerous class actions and individual lawsuits from disgruntled customers, in parallel with severe monetary sanctions imposed by regulators from different countries.“