Key Takeaways
1. Qantas experienced a security breach affecting potentially over six million customers’ personal information.
2. Compromised data includes names, phone numbers, addresses, dates of birth, and frequent flyer numbers, but not credit card details or passwords.
3. The breach was linked to a third-party customer service platform, which has been secured following unusual activity detection.
4. Qantas has reported the incident to Australian authorities, including the Cyber Security Centre and the Federal Police, and is actively investigating.
5. The hacking group “Scattered Spider” has been implicated in similar breaches targeting multiple airlines.
Australia’s main airline, Qantas, has disclosed a significant security breach that could have put the personal information of millions of its customers at risk. Although the precise number of impacted individuals is still being examined, it is possible that over six million passengers are affected.
Details of the Breach
As reported by Reuters, the attackers were able to infiltrate a third-party customer service platform. The compromised data includes personal information such as full names, phone numbers, addresses, dates of birth, and frequent flyer numbers.
Qantas has stated in a press release that credit card details, financial information, and passports were not stored in this system and are safe. The airline also reassured that frequent flyer account passwords, PINs, or login credentials were not included in the stolen data.
Immediate Actions Taken
On Monday, the airline detected unusual activities on the third-party platform and swiftly acted to contain the issue. They also confirmed that the integrity of their other systems remains intact.
“There are 6 million customers that have service records in this platform,” the airline noted. “We are still investigating how much of the data has been compromised, but we anticipate it will be considerable.”
Ongoing Investigations
Qantas has informed the Australian Cyber Security Centre and the Office of the Australian Information Commissioner about the breach. Additionally, the Australian Federal Police are now involved in the investigation. The airline is reaching out to customers who might be affected by the incident to offer support and details.
While Qantas indicated that a “cyber criminal” was responsible for the breach, they have not disclosed the identity of the group or individuals involved, as a complete investigation is underway.
As per Reuters, the U.S. Federal Bureau of Investigation mentioned last week that a hacking group, Scattered Spider, is targeting airlines. Other airlines, including Hawaiian Airlines and Canada’s WestJet, have also reported similar breaches.
Source:
Link
Leave a Reply