Airline Cathay Pacific has been found to have not followed data protection principles in relation to the security of passengers' personal data, Hong Kong's privacy watchdog said in a report published on June 6. The breach compromised 860,000 passport numbers and about 245,000 Hong Kong identity card numbers, Cathay had reported. Cathay Pacific shares slumped to nine-year lows after the October announcement. In Thursday's report the commissioner for personal data, Stephen Kai-yi Wong, criticised the airline for "lax" data governance, pointing at its failure to identify common vulnerabilities and put in place measures to plug them. A statement from the airline said it was assessing the commissioner's report, which ordered Cathay to appoint an independent data security expert to overhaul its personal data storage systems and chalk out a clear data-retention policy among other measures.

Source: The Star June 07, 2019 09:33 UTC