Cyber.gov.au reported that scammers often take advantage of incidents to trick people into sharing personal or financial information.
Cathay Pacific Airways Limited announced in October of 2018 that there had been ‘unauthorised access’ to passenger data of approximately 9.4 million people, who were travellers with the company and its wholly owned subsidiary, Hong Kong Dragon Airlines Limited.
Although Cathay Pacific said it had no evidence that any personal information was misused, the airline is concerned about the subsequent phishing campaign for passenger information, which people may be tricked into responding to, regardless of whether their data was stolen.
We are aware that attempted phishing is taking place, and would like to remind people that emails related to this data security event will only be sent from firstname.lastname@example.org, Cathay Pacific said in an update on its website.
If you are concerned about an email you have received, Cathay Pacific recommended that you don’t click on any links, open any attachments or reply to it.
The airline is contacting affected passengers, has notified the Hong Kong Police and is notifying the relevant authorities.
So if you do receive an email about this data breach, avoid any phishing scams by checking that the ‘From address’ is email@example.com. And remember that Cathay Pacific won’t ask you to provide any personal or financial information, or your password.
If you would like to ensure you don’t have the negative press, loss of data or that your staff are well educated on how to prevent Phishing attacks, call Domain Digital on (08) 9441 6300 and ask about our comprehensive Phishing and Cyber Security education and training platform.