【明報專訊】THE personal data of about 9.4 million passengers of Cathay Pacific and its subsidiary Cathay Dragon was "accessed without authorisation" in the worst leak of passenger data in the history of the international airline industry. Instead of notifying the authorities and the public as soon as possible, the company delayed announcing the incident for nearly six months. This is unacceptable. Hong Kong's privacy ordinance is outdated and a lot of corporations are not vigilant enough about cyber security. The government should amend the law as soon as possible to introduce heavy penalties and urge corporations to enhance their cyber security to protect the personal data of citizens.