Lawmaker calls for Cathay data breach follow-up

Lawmaker Lei Cheng I has called for the Macau government to follow up on a recent data breach at Cathay Pacific Airway Ltd that affected more than nine million passengers.

In a written inquiry, Lei called upon the local government to follow up with the Hong Kong government on the breach and its impact on Macau residents.

The information exposed in the Cathay hack includes names, nationalities, birthdates, phone numbers, emails, physical addresses, passport numbers, identity cards and frequent-flier programs, as well as historical travel information. 

On Friday, Hong Kong’s government said that it was “highly concerned” about the incident and has asked the airline to “fully cooperate” with the Privacy Commissioner for Personal Data on a compliance check.

Lei also urged Macau’s Personal Data Protection Office to publish statistics on assistance requests related to the data breach.

The lawmaker said that cases of personal data breach, including incidents involving travel agencies, have been increasingly reported in Hong Kong in recent years.

Macau’s current Personal Data Protection Act was approved in 2005. Lei noted that there is a necessity to amend Macau’s personal data protection act as it has been in effect for many years.

In addition, Lei proposed that enterprises should report to government departments when data breach incidents occur.