Qantas Verifies That Cybercriminals Have Unveiled Customer Information
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
Brief Overview
- Qantas has acknowledged a July data leak that revealed confidential customer data.
- More than a million customers had personal information accessed; an additional four million’s identities, including names and emails, were compromised.
- The leak is associated with an external platform, reportedly Salesforce.
- The hacker collective known as Scattered Lapsus$ Hunters is accountable for the data exposure.
- Qantas is collaborating with cybersecurity professionals to assess the situation.
Qantas Data Leak: What Occurred?
Qantas Airways has confirmed that customer information taken during a cyber incident in July has been exposed by cybercriminals. This incident stands as one of the largest in Australia, impacting over a million customers whose sensitive data such as phone numbers, birthdates, and residential addresses were accessed. Furthermore, an extra four million customers had their names and email information breached.
Information on the Leak
This cyber incident is the most notable since the 2022 breaches affecting Optus and Medibank, which resulted in the implementation of compulsory cyber resilience regulations in Australia. Qantas reported that the data was taken through a third-party service, generally identified as Salesforce, with cybercriminals utilizing social engineering methods to obtain access.
Actions and Inquiry
Qantas is joining forces with specialized cybersecurity professionals to determine what information was part of the exposure. The airline has also secured a court order to avert any further access to or publication of the compromised data by third parties.
The Cybercriminal Group
The hacking group Scattered Lapsus$ Hunters is responsible for the data exposure, which transpired after the group imposed a ransom deadline that was not fulfilled. This group is recognized for employing advanced cyber tactics to infiltrate corporate networks.
Conclusion
The Qantas data leak serves as a significant reminder of the weaknesses inherent in digital systems and the necessity for strong cybersecurity practices. As investigations proceed, both customers and businesses are encouraged to stay alert and revise security measures to safeguard sensitive data.
Q: How many customers were impacted by the leak?
A: Over one million customers had sensitive data accessed, while an additional four million had their names and emails compromised.
Q: Which platform was allegedly involved in the leak?
A: The breach is widely believed to involve Salesforce, where cybercriminals utilized social engineering strategies to gain entry.
Q: Who is accountable for the data exposure?
A: The hacker group Scattered Lapsus$ Hunters is responsible for the data exposure.
Q: How is Qantas addressing the leak?
A: Qantas is collaborating with cybersecurity specialists to investigate the incident and has obtained a court order to prevent further data exposure or distribution.
Q: What measures can customers take following the leak?
A: Customers are advised to monitor their accounts for unusual activities, update passwords, and remain cautious regarding phishing attempts.
