Cathay bosses hauled over the coals at LegCo for mishandling customer data leak

Cathay Pacific chairman John Slosar pic via Legislative Council live feed.
Cathay Pacific chairman John Slosar pic via Legislative Council live feed.

Cathay Pacific bosses took a pasting a the Legislative Council this morning, as lawmakers grilled the airline’s senior figures over the handling of a massive data leak that affected 9.4 passengers.

During the two-hour hearing, legislators accused Hong Kong’s flag carrier of a “cover up” after it waited several months to reveal the breach, which they later admitted was the result of a sophisticated, months-long cyber attack.

Cathay chairman John Slosar denied the airline had tried to conceal the leak, but reiterated the company’s apology.

He said efforts to identify what data was accessed or stolen before notifying passengers did not happen “as quickly as we would have liked.”

“We can understand that all of our affected passengers, and even those unaffected, can have been justifiably alarmed and concerned at the potential risks to them as a result of the data loss,” he said, adding the hack was “one of the most serious crises” the airline had faced.

“I’d like to make it absolutely clear, there was never any attempt to cover anything up. We worked extremely hard to try and understand as best we could what information that had been compromised applied to which passenger.

Lawmakers from both sides of the isle, however, were not soothed by the apologetic, could’ve done better, will do better next time, stance.

Gary Chan, from the pro-Beijing Democratic Alliance for the Betterment and Progress of Hong Kong, said he was angry about the way Cathay handled the incident calling it “atrocious” and accusing the company of “ignoring the interests” of affected passengers.

“You should have called the police, but instead of calling the police you carried on handling it internally, it’s like a thief or burglar broke into your house and you tried to catch him and you couldn’t and everything has been stolen.”

Hong Kong First’s Claudia Mo didn’t mince words, asking whether heads should roll.

“For the Cathay chairman to say it’s difficult and painful for them to be sitting here this morning is just pathetic,” she said.

“We’re doing all this with hindsight you knew about this hacking as early as March 13th. The sorry affair is now being widely perceived as a blatant attempt to cover up what’s been happening.

“You failed to call the Hong Kong police, you failed to tell any regulator. This is really the question you have to answer, ‘whatever happened to the people’s right to know’.”

In response, Cathay CEO Rupert Hogg said the company’s “intention was good”, but he “regretted” the delay in revealing data had been stolen.

Regarding possible fines, he said the company had had “enquiries from regulators” to “understand what’s been going on” however he declined to discuss the issue further. Pressed on compensation, both Slosar and Hogg refused to commit.

The police and Hong Kong’s privacy commissioner are now investigating the case to determine whether or not Cathay have violated data protection laws.



Reader Interactions

Leave A Reply


BECOME A COCO+ MEMBER

Support local news and join a community of like-minded
“Coconauts” across Southeast Asia and Hong Kong.

Join Now
Coconuts TV
Our latest and greatest original videos
Subscribe on