Qantas data breach sees up to 6M customer records at risk

A Qantas data breach resulting from a cybersecurity attack has put up to 6M customer records at risk of exposure, with names, email addresses, phone numbers, and dates of birth confirmed to be included. The hack was of a contact center database operated by one of the airline’s partners …

Qantas says it is too early to determine how many customers have been affected, but says it expects it to be a “significant” proportion of the 6M total.

On Monday, we detected unusual activity on a third party platform used by a Qantas airline contact centre.  We then took immediate steps and contained the system. We can confirm all Qantas systems remain secure.

There are 6 million customers that have service records in this platform. We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant. An initial review has confirmed the data includes some customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers.

Importantly, credit card details, personal financial information and passport details are not held in this system. No frequent flyer accounts were compromised nor have passwords, PIN numbers or log in details been accessed.

The notification confirms that the breach occurred as a result of a hack.

The incident occurred when a cyber criminal targeted a call centre […] Qantas has notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. Given the criminal nature of this incident, the Australian Federal Police has also been notified.

BleepingComputer reports that a hacking group known as Scattered Spider may be behind the attack.

This attack comes as cybersecurity firms warn that hackers known as “Scattered Spider” have begun targeting the aviation and transportation industries. While it is unclear if this group is behind the Qantas attack, BleepingComputer has learned the incident shares similarities with other recent attacks by the threat actors.

The airline is promising to contact customers today, and says that those affected will be offered advice on avoiding identity theft. The statement stops short of offering a free subscription to a protections service.

Customers with questions can call the dedicated support line on +61 2 8028 0534.

Photo by Troy Mortier on Unsplash