Hong Kong flag carrier Cathay Pacific said Wednesday that a data breach exposed personal information of up to 9.4 million passengers, but said it had no evidence that any of the data had been misused.
Cathay confirmed the breach while investigating an earlier discovery that data had been compromised, Reuters reports. The announcement follows a string of breaches at other major carriers, including Delta, Boeing and British Airways.
Flight systems and safety were not affected by the breach, the company said, as the IT systems affected were wholly separate from operational equipment.
Information accessed without authorization includes about 860,000 passport numbers and 403 expired credit card numbers, Cathay said. Other information likes names, nationalities, dates of birth, phone numbers, emails and addresses were also leaked, but passwords were not affected.
“We are very sorry for any concern this data security event may cause our passengers,” Cathay Pacific Chief Executive Rupert Hogg said in a statement.
“We acted immediately to contain the event, commence a thorough investigation with the assistance of a leading cybersecurity firm, and to further strengthen our IT security measures,” he continued.
Cathay is contacting affected passengers to assist with data protection, according to the statement.
More Must-Reads from TIME
- Why Trump’s Message Worked on Latino Men
- What Trump’s Win Could Mean for Housing
- The 100 Must-Read Books of 2024
- Sleep Doctors Share the 1 Tip That’s Changed Their Lives
- Column: Let’s Bring Back Romance
- What It’s Like to Have Long COVID As a Kid
- FX’s Say Nothing Is the Must-Watch Political Thriller of 2024
- Merle Bombardieri Is Helping People Make the Baby Decision
Contact us at letters@time.com