Qantas Admits Data Breach Affecting 5.7 Million of Its Customers
In a recent development, Australian airline Qantas has confirmed a data breach that has potentially impacted nearly six million of its customers. The affected individuals had their personal details exposed, including names, email addresses, and Qantas Frequent Flyer details.
The hacking group known as "Lapsus$" is reportedly behind this data theft and has already contacted the company. However, it's still unclear whether Lapsus$ is directly responsible for the incident.
Just days before the data breach was revealed, the FBI had warned that the infamous Scattered Spider collective was targeting the airline industry. While it's not certain whether Scattered Spider was involved, the attack on Qantas bears some similarities to a Scattered Spider campaign, as it targeted a call center.
Actors linked to Scattered Spider, who are often native English speakers, are known for socially engineering IT helpdesk and call center staff to gain passwords. In this case, the unnamed threat actor was able to gain access to a third-party customer servicing platform, from which they obtained data on 5.7 million Qantas customers.
According to Qantas, the breach did not compromise card, financial, or passport data, nor passwords, PINs, or logins. However, ten thousand customers had details on meal preferences stolen, one million customers had only their name and email compromised, one million one hundred thousand customers had their date of birth compromised, and four hundred thousand customers had their gender exposed. One point three million customers had their residential and/or business address compromised, and nine hundred thousand customers had records including their mobile, landline, or business phone number revealed.
Qantas group CEO, Vanessa Hudson, has stated that additional security measures have been implemented to prevent a similar event in the future. Affected customers are urged to stay vigilant for phishing emails, texts, and phone calls claiming to be from Qantas. They are also advised to use multi-factor authentication (MFA) on all email and other accounts.
Qantas is in constant contact with the National Cyber Security Coordinator, Australian Cyber Security Centre, and the Australian Federal Police for ongoing support. Affected customers are directed to visit IDCARE's Learning Centre and the Office of the Australian Information Commissioner website for more information on protecting personal data.
Customers are encouraged to stay informed on the latest threats by visiting the Australian Cyber Security Centre and the National Anti-Scam Centre's Scamwatch site. Qantas has urged affected customers to be cautious and not to provide any online account passwords or personal/financial information to 'officials' contacted via phone, email, or text.