Qantas Confirms Major Data Breach Affecting Millions of Customers

Australian airline Qantas has confirmed a significant data breach affecting approximately 5.7 million customers. The sensitive information was reportedly leaked online following a major cyberattack earlier this year. This incident is part of a larger breach that has impacted several companies globally.

In July, Qantas disclosed that hackers had breached a customer contact centre, gaining access to a system managed by a third-party vendor. The compromised data includes customer names, email addresses, phone numbers, and birth dates. Importantly, Qantas clarified that credit card details and passport numbers were not stored in the affected system.

According to reports, the third-party vendor involved is the software firm Salesforce. The company recently acknowledged that it was aware of extortion attempts by cybercriminals targeting its clients. Following the initial breach, Qantas stated, “With the help of specialist cyber security experts, we are investigating what data was part of the release.”

Scope of the Breach

The breach has ramifications beyond Qantas, as it is linked to a wider series of cyberattacks affecting numerous firms, including well-known brands such as Disney, Google, IKEA, Toyota, McDonald’s, and major airlines Air France and KLM.

Qantas has obtained a legal injunction from the Supreme Court of New South Wales to prevent unauthorized access to the stolen data. The airline emphasized its commitment to protecting customer information and preventing further misuse of the leaked data.

Cybersecurity analysts have traced the attack to a group of hackers affiliated with the Scattered Lapsus$ Hunters. Research group Unit 42 reported that this group had taken responsibility for breaching customer accounts associated with Salesforce. They indicated that the hackers had set a ransom payment deadline of October 10 for the return of the stolen data.

Implications for Customers and Businesses

Threat intelligence platform FalconFeeds announced that the leaked customer data had appeared on the dark web over the weekend. The data theft is believed to have occurred through social engineering techniques, where attackers impersonate trusted representatives to manipulate victims into providing sensitive information.

The breach not only raises concerns for Qantas customers but also for other impacted organizations like Vietnam Airlines, clothing retailer Gap, and Japanese multinational Fujifilm. As the investigation continues, affected companies are urged to enhance their cybersecurity measures to protect against further breaches.

This situation serves as a stark reminder of the vulnerabilities faced by even the largest corporations in safeguarding customer data. With the evolving landscape of cyber threats, organizations must remain vigilant in their efforts to secure sensitive information and protect their clients.