Lessons Learned From The Cathay Pacific Data Breach
Hong Kong airline company Cathay Pacific was fined 500 000 pounds by the UK Information Commissioner’s office due to a data leak where 9.4 million user records were leaked. Of the affected individuals, over 100 000 were from the UK.
The data breach was the result of unauthorized access to Cathay Pacific’s servers that dated back to October of 2018. In a statement on the breach, Cathay Pacific stated that it would like to “sincerely apologize for this incident”.
The UK’s Information Commissioner’s Office discovered that the data breach had resulted in the records between October 2014 and May 2018 to be leaked.
This incident illustrates the importance of applying security patches to protect organization server. Cathay stated that it suspects the data breach occurred due to a known security vulnerability being exploited by cyberattackers. In its investigation, the UK Information Commissioner discovered that the company did not apply the security update fixing the patch, which was released over a decade prior to the attack. The vulnerability, which was not publically named, was in fact discovered in February 2007. It is known that attackers exploiting this vulnerability does not need technical skills and is able to get administrative access to a victim’s computer. Cathay pacific admitted that its regular vulnerability scans, which are used to detect potential security flaws in the company’s network, was not able to detect the vulnerability for over 10 years. It was discovered that one of the systems that was compromised had 16 security updates that were pending.
Another reason that the Cathay Pacific data breach occurred was that one if its servers was running an operating system that was no longer supported by its developer. Operating systems (O.S.), like many other software, requires constant updates to repair new security vulnerabilities that are discovered. After an operating system becomes end-of-life, however, the developer no longer releases software updates for it, leaving computers still running the operating system vulnerable to cyberattack. The most recent instance of this occurring is the Windows 7 End of life, which occurred on January 14th of 2020. You can read more about operating system patches in our article here.
It is clear from the Cathay Pacific data breach that proper patch management is an important facet of keeping your organization’s IT safe from cyberattack. GIGE IT solutions’ network experts help you organization identify vulnerabilities in your organizations’ network. We audit and provide consultation and remediation strategies to help you stay protected from data leaks and cyberattacks.