https://www.scmp.com/news/hong-kong/law-and-crime/article/2172796/cathay-pacific-cyberattack-far-worse-previously-thought
By Danny Lee
with additional reporting
by Karen Zhang, Alvin Lum and Simone McCarthy
South China Morning Post
12 November, 2018
A major cyberattack that saw the data of 9.4 million Cathay Pacific
Airways customers stolen by hackers was far worse than the airline has
previously admitted.
Rather than the "suspicious activity" it said it had discovered on its
billion-dollar computer network in March, the carrier revealed on Monday
that it had been the target of an intense attack lasting more than three
months.
Cathay made the shock admission in a written submission to Hong Kong
lawmakers ahead of a committee hearing to question the airline's
management team on Wednesday morning.
Such was the intensity of the attack, Cathay said internal and external IT
security experts had to focus solely on containment and prevention
throughout March, April and May.
The airline also revealed it had spent HK$1 billion (US$128 million) over
three years on IT infrastructure and security, but it was not enough to
stop what it called "sophisticated attackers" repeatedly targeting and
breaching its system.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
