Qantas Contacted By Perpetrator Of Massive Customer Data Breach

Qantas says it has been contacted by a cyber criminal less than a week after revealing a significant breach and theft of data on up to 6 million of its frequent flyers customers from its records during a cyber attack. 

The airline has issued a statement that it is working to verify the legitimacy of the contact and have informed the Australian Federal Police (AFP), who are working on it.

While the breach has been attributed to the prolific hacking collective known as Scattered Spider, Qantas has not confirmed the nature of the contact, or whether a ransom was sought. 

The airline has recently confirmed that a cyber attack occurred in one of its Filipino call centres, and customers’ names, dates of birth, emails, and frequent flyer numbers were stolen. Other personal information such as credit card, passport, and financial details were not stored in those centres, Qantas has said.  

The airline detected some suspicious activity on its third-party cyber platform used by a Qantas contact centre and Qantas said recently that it was investigating the proportion of the data that had been stolen, which it said it expected expected would be significant.

Qantas is continuing to work with specialist cyber security experts to forensically analyse the impacted system and that investigation has determined that the system is now secure and no credit card details, personal financial information or passport details were accessed in the breach. ‘We want to reassure all of our customers that there is no impact to Qantas' operations or the safety of our airline’, Qantas has said in a statement.

In an update on Friday 4th July, the AFP confirmed that Qantas had been working with the authorities investigating the this data breach. In a non-committal statement the AFP said "The airline has been highly engaged in assisting authorities and the AFP with investigating this incident." 

Recently the FBI has warned on X that the airline sector was a target of a cyber criminal group called Scattered Spider. Hawaiian Airlines and WestJet have both been affected by similar cyber attacks.

Qantas  |   ABC  |   Guardian  |  News.au  |   TravelGossip  |   TravelWeekly

Image: Ideogram

You Might Also Read: 

Airline Customer Data Left Exposed For Months:


If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 



 

« BMW Financial Services Suffers Supply Chain Breach 
Ingram Micro Grapples WIth SafePay Ransomware Attack »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

SKOUT Secure Intelligence

SKOUT Secure Intelligence

SkOUT Secure Intelligence (formerly Oxford Solutions) provides cyber security monitoring services to organizations around the globe.

Belden

Belden

Belden is a global leader in signal transmission and security solutions for mission-critical applications in enterprise and industrial markets. Belden brands include Hirschmann and Tofino Security.

Applied Science and Technology Research Institute Company Limited (ASTRI)

Applied Science and Technology Research Institute Company Limited (ASTRI)

ASTRI's mission is to enhance Hong Kong’s competitiveness in technology-based industries through applied research in areas including Security & Data Sciences which encompasses cybersecurity.

Wizlynx PTE LTD

Wizlynx PTE LTD

Wizlynx PTE LTD is the Singapore branch of Wizlynx Group located in Singapore, offering Information and Cyber Security Services throughout the entire Asia Pacific (APAC) region.

Norwest Venture Partners (NVP)

Norwest Venture Partners (NVP)

Norwest Venture Partners offer entrepreneurs a broad range of services to help them build their businesses at every stage of growth. Key sectors include AI, Infrastructure, SaaS and Security.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

Jobsite

Jobsite

Jobsite is an award winning job board in the UK providing job listings in the key sectors of IT, Engineering and Finance.

Data Privacy Office (DPO) - Belarus

Data Privacy Office (DPO) - Belarus

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Cyolo

Cyolo

Cyolo’s Secure Access Service Edge (SASE) platform securely connects onsite and remote users to authorized assets, in the organizational network, cloud or IoT environments and even offline networks.

SEMNet

SEMNet

SEMNet is an IT solutions provider and an infrastructure and security consulting firm.

Cyber Crucible

Cyber Crucible

Cyber Crucible is a cybersecurity Software as a Service company definitively removing the risk of data extortion from customer environments.

443ID

443ID

443ID brings OSINT data to Identity Security professionals on any digital platform.

Yotta Infrastructure Solutions

Yotta Infrastructure Solutions

Yotta Infrastructure, a Hiranandani group company, provide Datacenter Colocation and Tech Services such as Cloud services, Network & Connectivity, IT Security and IT Management services.

WireGuard

WireGuard

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs).

Keyrus

Keyrus

Keyrus is a global consultancy that develops data and digital solutions for performance management.