Stay Safe - Hackers are Targeting Airlines for Lucrative Information

Hello Steemians! About one and a half months ago, British Airways were reportedly hacked. At that point, it was said that about 380,000 passengers' information was breached. However, last week, new statements were released that potentially, more information were breached than the original estimation. Also in the past week, Cathay Pacific released a statement informing their customers that they had been hacked. In this hack, a massive 9.4 million passengers information were breached.

Let us take a closer look into these 2 incidents and understand the impact and potential learning points.

---

British Airways Hack

How many customers were affected?

• At least 380,000 passengers were affected and British Airways recent statements are saying that there could be more

What information were breached?

• Credit card information
• Personal information like passengers' names and home addresses

How did the hack happen?

• Through a web-based vulnerability known as cross-site scripting. Users were redirected to a fraudulent site due to this vulnerability and information were forwarded to the hackers' servers as part of a legitimate transaction on British Airways website

What are the impacts on the company?

• Share price tanked following the hack. Source.
• Reputational impact
• Will possibly be fined by regulators and government

How do I know if I am affected? And what should I do if I am?

• British Airways put up a page to provide all the information you need to determine if you are affected and what should you do if you are

---

Cathay Pacific Hack

How many customers were affected?

• 9.4 million passengers were affected

What information were breached?

• Personal information such as, names of passengers, their nationalities, dates of birth, telephone numbers, email and physical addresses, passport numbers, identity card numbers
• Credit card information

How did the hack happen?

• Information is still scarce but security experts believe it to be vulnerabilities in Cathay Pacific cloud infrastructure. Source.
• Poor cloud security hygiene could have led to direct access to Cathay Pacific's databases in the cloud.

What are the impacts on the company?

• Share price tanked following the hack. Source.
• Reputational impact
• Will possibly be fined by regulators and government

How do I know if I am affected? And what should I do if I am?

• Cathay Pacific put up a page to provide all the information you need to determine if you are affected and what should you do if you are

---

Learning Points and Conclusion

As companies start to embark in technology refresh/change to their infrastructure, it is always important to have security in mind. I have seen many cases where technology moves without considering security and resulted in unnecessary risks. Furthermore, these 2 incidents also highlighted that the detection mechanism of hacks and breaches is key to any companies. As a cybersecurity practitioner, we all understand that it is impossible to secure your perimeters to ensure zero vulnerabilities. What is important is rather the detection mechanism and the incident response process. We will need to assume that breach is going to happen and be prepared for one when it does happen.

Through these 2 incidents, we can also see that hackers are always looking for the path of least resistance. Unlike banks, airlines are not that heavily regulated and hence, their security posture may not be as good. However, lucrative information are still held by these companies and they may be seen as easier targets by hackers.

Thanks for reading! Let me know your thoughts on these 2 recent security incidents. Are you affected by any of them? If you like what you have read, do give me an upvote and a follow.

Projects/Services I am working on:

• Steem-Oracle Project
• Byteball to Steem conversion service

---

You can find me in these communities: