Cathay tries to pacify angry hack victims with ‘exciting offers’

HONG KONG • Reeling from the world’s worst airline hack that exposed personal data of 9.4 million passengers, Cathay Pacific Airways Ltd is seeking to regain customer trust with “exciting offers” including better in-flight dining and entertainment.

The marquee carrier is attempting to soothe angry customers by promising better services on board after coming under fire for the seven-month delay in disclosing the breach detected back in March. Among the information exposed were passport details, addresses and emails, although there was no evidence the data was misused, the airline has said.

“We understand that people are disappointed and upset by this event,” chairman John Slosar said, fielding queries from Hong Kong’s lawmakers at a panel meeting yesterday. “We want to make some particularly exciting offers that people can take advantage of going forward.”

The sophisticated attacks that lasted months earlier this year couldn’t have come at a worse time for Cathay Pacific CEO Rupert Hogg. At best, it is a distraction from his efforts to steer Asia’s biggest international airline back to profit, and at worst, the carrier could face regulatory action and lawsuits as it faces inquiries in at least 15 jurisdictions.

Hogg told lawmakers yesterday that it’s still too early to discuss compensation and costs resulting from the hack. The attacks were most intense March through May and continued, Cathay Pacific said on Monday separately. Although the number of successful attempts diminished, concerns remain new ones could be mounted, it said.

Slosar said the carrier made a call in March that the information, although of public interest, wasn’t material or price sensitive and held off on disclosing it immediately. The price change after the disclosure confirms Cathay Pacific’s judgment, he said.

Shares of the carrier have rebounded 3.4% since the disclosure. They had slumped the most since January 2017 the day after the filing.

Cathay Pacific has said in the past that it needed to investigate the violation thoroughly before sharing details of the attack. Eventually, it revealed it in a filing on Oct 24.

“It’s a lesson we learned,” Slosar said, adding Cathay Pacific will “report instantly” if a hack were to happen tomorrow. — Bloomberg