Cathay Pacific discovered unauthorised access to some of its information system containing passenger data of up to 9.4 million people. No-ones travel or loyalty profile was accessed in full, and no passwords were compromised. 403 expired credit card numbers with no CVV were accessed. The company has no evidence that any personal information has been misused. The IT systems affected are totally separate from its flight operations systems, and there is no impact on flight safety. Cathay has notified the Hong Kong Police and is notifying the relevant authorities.”]
Source: https://news.cathaypacific.com/cathay-pacific-announces-data-security-event-affecting-passenger-data