ICO Issues £500k Fine To Cathay Pacific After ‘Catalogue Of Errors’ Leaves Millions Of Customer Records Exposed – Experts Reaction

145 0
Dot Your Expert Comments
Facebook Twitter WhatsApp Google LinkedIn Email

ICO has announced that it is fining Cathay Pacific £500,000 – it’s the maximum fine under the 1998 Data Protection Act, as the breach took place pre-GDPR – for multiple data protection failings that left millions of customer records exposed.

In its statement, the ICO said that: “Between October 2014 and May 2018 Cathay Pacific’s computer systems lacked appropriate security measures which led to customers’ personal details being exposed, 111,578 of whom were from the UK, and approximately 9.4 million more worldwide” and that “A catalogue of errors were found during the ICO’s investigation”.

EXPERTS COMMENTS
Cesar Cerrudo, CTO ,  IOActive
March 05, 2020
It’s absolutely vital to exercise good security hygiene, prioritise data protection and keep cyber resiliency in mind.
The Cathay Pacific breach demonstrated a litany of errors that left millions of customers’ data completely exposed for a number of years – many of which would have continued undiscovered had they not had a third party evaluation of their systems. As it took place before GDPR came into effect, the company has gotten off lightly with a £500k fine – which is the maximum penalty under the 1998 ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :


In this article