Hong Kong witnessed three data breaches targeting local flag carrier Cathay Pacific Airways, Louis Vuitton and the public postal service in the space of several days, sparking fresh concerns about cybersecurity in the city.
As digital threats evolve, the Post talks to experts about what went wrong, what consumers should watch out for and how companies can tighten their security.
1. What happened?
Cathay Pacific on Thursday disclosed that its Asia Miles loyalty programme had suffered a data breach, with the personal details, travel information and air mileage from 1,000 accounts left compromised. No credit card information was leaked.
The airline said it had resolved the breach and reinstated the stolen air miles. It also urged customers to use passkeys and warned of phishing attempts.
Earlier in the week, the Hongkong Post revealed its EC-Ship online mailing portal was hit by a cyberattack, potentially compromising the personal data of tens of thousands of account holders.
The breach was detected on Sunday and involved robotic access, which means automated software bots repeatedly targeted the system’s address book function to extract sender and recipient details, including names, phone and fax numbers, and email addresses.
