Direct route for scammers as Qantas hack scale revealed
Australia's largest airline on Wednesday disclosed details of the 5.7 million customer records impacted when a third-party system used by an offshore call centre was hacked.
Of those, the names, email addresses and frequent flyer details of four million customers were exposed.
The remaining 1.7 million customers had more data taken, including their names, email addresses, dates of birth, phone numbers, personal or business addresses, gender and meal preferences.
In total, about 10,000 meal preferences were accessed.
A cybersecurity expert warned compromising such personal information was a "good starting point" for scammers to target individuals.
"I see this as stage one of the continuous Qantas situation," RMIT University's Matthew Warren told AAP.
Scam attempts would likely start with people impersonating Qantas staff in the weeks and months to come as criminals tried to gain financial or passport details, he said
But the attempts could become more targeted from there, including business invoice scams, especially if the information was distributed widely on the dark web.
Qantas maintains there is no evidence so far any stolen personal data has been released.
Professor Warren said it was only a matter of time before the hackers published the data but they would likely try to hold Qantas to ransom first.
"If the data is then sold on the dark net, you're then going to get other groups spending a lot more time trawling through the data and trying to identify possible ways to undertake scams," he said.
Qantas has begun individually notifying almost six million customers which of their specific personal details have been exposed in the attack.
The airline previously said a possible cybercriminal had contacted it about the hack, but would not confirm whether a ransom demand had been received.
Australian Federal Police investigators are also probing the breach.
Sydney-based customer Nick Allison received an email on Wednesday morning notifying him that his name, frequent flyer number and tier were exposed in the cyber raid.
Mr Allison, who was also embroiled in the 2022 Optus and 2023 Dymocks hacks, is worried about a rise in phishing attempts as a result of his data being exposed.
"Is it going to be every single email that I get sent for the rest of my life from Qantas? Is that a scam? Is that real?" he said.
"How am I going to know? They've got all that data."
Mr Allison said he had lost some trust in Qantas in the wake of the hack.
"It makes me very hesitant to give Qantas more information in the future. Is it going to get lost?" he said.
As the scam risk grows, customers are being urged to remain alert to emails, text messages or phone calls if the sender purports to be from Qantas.
"Regularly review your compromised accounts and other linked accounts for unusual activity," cybersecurity technology firm McAfee's Tyler McGee said.
The identity of the group responsible for the attack remains a mystery, although multiple experts believe it is the work of Scattered Spider, a cabal of young cybercriminals living in the US and the UK.
Qantas said it had set up extra cybersecurity measures to protect customer data.
Scammers could have a direct route to devising targeted scams for millions of Qantas customers in coming months as the airline reveals exactly what personal data was exposed in a major cyber attack.
Australia's largest airline on Wednesday disclosed details of the 5.7 million customer records impacted when a third-party system used by an offshore call centre was hacked.
Of those, the names, email addresses and frequent flyer details of four million customers were exposed.
The remaining 1.7 million customers had more data taken, including their names, email addresses, dates of birth, phone numbers, personal or business addresses, gender and meal preferences.
In total, about 10,000 meal preferences were accessed.
A cybersecurity expert warned compromising such personal information was a "good starting point" for scammers to target individuals.
"I see this as stage one of the continuous Qantas situation," RMIT University's Matthew Warren told AAP.
Scam attempts would likely start with people impersonating Qantas staff in the weeks and months to come as criminals tried to gain financial or passport details, he said
But the attempts could become more targeted from there, including business invoice scams, especially if the information was distributed widely on the dark web.
Qantas maintains there is no evidence so far any stolen personal data has been released.
Professor Warren said it was only a matter of time before the hackers published the data but they would likely try to hold Qantas to ransom first.
"If the data is then sold on the dark net, you're then going to get other groups spending a lot more time trawling through the data and trying to identify possible ways to undertake scams," he said.
Qantas has begun individually notifying almost six million customers which of their specific personal details have been exposed in the attack.
The airline previously said a possible cybercriminal had contacted it about the hack, but would not confirm whether a ransom demand had been received.
Australian Federal Police investigators are also probing the breach.
Sydney-based customer Nick Allison received an email on Wednesday morning notifying him that his name, frequent flyer number and tier were exposed in the cyber raid.
Mr Allison, who was also embroiled in the 2022 Optus and 2023 Dymocks hacks, is worried about a rise in phishing attempts as a result of his data being exposed.
"Is it going to be every single email that I get sent for the rest of my life from Qantas? Is that a scam? Is that real?" he said.
"How am I going to know? They've got all that data."
Mr Allison said he had lost some trust in Qantas in the wake of the hack.
"It makes me very hesitant to give Qantas more information in the future. Is it going to get lost?" he said.
As the scam risk grows, customers are being urged to remain alert to emails, text messages or phone calls if the sender purports to be from Qantas.
"Regularly review your compromised accounts and other linked accounts for unusual activity," cybersecurity technology firm McAfee's Tyler McGee said.
The identity of the group responsible for the attack remains a mystery, although multiple experts believe it is the work of Scattered Spider, a cabal of young cybercriminals living in the US and the UK.
Qantas said it had set up extra cybersecurity measures to protect customer data.
Scammers could have a direct route to devising targeted scams for millions of Qantas customers in coming months as the airline reveals exactly what personal data was exposed in a major cyber attack.
Australia's largest airline on Wednesday disclosed details of the 5.7 million customer records impacted when a third-party system used by an offshore call centre was hacked.
Of those, the names, email addresses and frequent flyer details of four million customers were exposed.
The remaining 1.7 million customers had more data taken, including their names, email addresses, dates of birth, phone numbers, personal or business addresses, gender and meal preferences.
In total, about 10,000 meal preferences were accessed.
A cybersecurity expert warned compromising such personal information was a "good starting point" for scammers to target individuals.
"I see this as stage one of the continuous Qantas situation," RMIT University's Matthew Warren told AAP.
Scam attempts would likely start with people impersonating Qantas staff in the weeks and months to come as criminals tried to gain financial or passport details, he said
But the attempts could become more targeted from there, including business invoice scams, especially if the information was distributed widely on the dark web.
Qantas maintains there is no evidence so far any stolen personal data has been released.
Professor Warren said it was only a matter of time before the hackers published the data but they would likely try to hold Qantas to ransom first.
"If the data is then sold on the dark net, you're then going to get other groups spending a lot more time trawling through the data and trying to identify possible ways to undertake scams," he said.
Qantas has begun individually notifying almost six million customers which of their specific personal details have been exposed in the attack.
The airline previously said a possible cybercriminal had contacted it about the hack, but would not confirm whether a ransom demand had been received.
Australian Federal Police investigators are also probing the breach.
Sydney-based customer Nick Allison received an email on Wednesday morning notifying him that his name, frequent flyer number and tier were exposed in the cyber raid.
Mr Allison, who was also embroiled in the 2022 Optus and 2023 Dymocks hacks, is worried about a rise in phishing attempts as a result of his data being exposed.
"Is it going to be every single email that I get sent for the rest of my life from Qantas? Is that a scam? Is that real?" he said.
"How am I going to know? They've got all that data."
Mr Allison said he had lost some trust in Qantas in the wake of the hack.
"It makes me very hesitant to give Qantas more information in the future. Is it going to get lost?" he said.
As the scam risk grows, customers are being urged to remain alert to emails, text messages or phone calls if the sender purports to be from Qantas.
"Regularly review your compromised accounts and other linked accounts for unusual activity," cybersecurity technology firm McAfee's Tyler McGee said.
The identity of the group responsible for the attack remains a mystery, although multiple experts believe it is the work of Scattered Spider, a cabal of young cybercriminals living in the US and the UK.
Qantas said it had set up extra cybersecurity measures to protect customer data.
Scammers could have a direct route to devising targeted scams for millions of Qantas customers in coming months as the airline reveals exactly what personal data was exposed in a major cyber attack.
Australia's largest airline on Wednesday disclosed details of the 5.7 million customer records impacted when a third-party system used by an offshore call centre was hacked.
Of those, the names, email addresses and frequent flyer details of four million customers were exposed.
The remaining 1.7 million customers had more data taken, including their names, email addresses, dates of birth, phone numbers, personal or business addresses, gender and meal preferences.
In total, about 10,000 meal preferences were accessed.
A cybersecurity expert warned compromising such personal information was a "good starting point" for scammers to target individuals.
"I see this as stage one of the continuous Qantas situation," RMIT University's Matthew Warren told AAP.
Scam attempts would likely start with people impersonating Qantas staff in the weeks and months to come as criminals tried to gain financial or passport details, he said
But the attempts could become more targeted from there, including business invoice scams, especially if the information was distributed widely on the dark web.
Qantas maintains there is no evidence so far any stolen personal data has been released.
Professor Warren said it was only a matter of time before the hackers published the data but they would likely try to hold Qantas to ransom first.
"If the data is then sold on the dark net, you're then going to get other groups spending a lot more time trawling through the data and trying to identify possible ways to undertake scams," he said.
Qantas has begun individually notifying almost six million customers which of their specific personal details have been exposed in the attack.
The airline previously said a possible cybercriminal had contacted it about the hack, but would not confirm whether a ransom demand had been received.
Australian Federal Police investigators are also probing the breach.
Sydney-based customer Nick Allison received an email on Wednesday morning notifying him that his name, frequent flyer number and tier were exposed in the cyber raid.
Mr Allison, who was also embroiled in the 2022 Optus and 2023 Dymocks hacks, is worried about a rise in phishing attempts as a result of his data being exposed.
"Is it going to be every single email that I get sent for the rest of my life from Qantas? Is that a scam? Is that real?" he said.
"How am I going to know? They've got all that data."
Mr Allison said he had lost some trust in Qantas in the wake of the hack.
"It makes me very hesitant to give Qantas more information in the future. Is it going to get lost?" he said.
As the scam risk grows, customers are being urged to remain alert to emails, text messages or phone calls if the sender purports to be from Qantas.
"Regularly review your compromised accounts and other linked accounts for unusual activity," cybersecurity technology firm McAfee's Tyler McGee said.
The identity of the group responsible for the attack remains a mystery, although multiple experts believe it is the work of Scattered Spider, a cabal of young cybercriminals living in the US and the UK.
Qantas said it had set up extra cybersecurity measures to protect customer data.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Age
22 minutes ago
- The Age
Corporate fairytale: How a boy from the bush rose to run world's third-largest mining giant
Given the size of the iron ore division and its importance to Rio's profit, Trott became a highly important visible executive who would have enormous exposure to the London-based board and to shareholders. Being a global mining house, Rio has a shareholder base that reflects its international citizenship, which is unlikely to be concerned about the nationality of its chief executive but who are supportive of Trott's elevation to the top. But King and Rinehart (whose own mining company has joint venture iron ore operations with Rio) both sit alongside a wider movement to move Rio's base from London to Australia, where its iron ore division provides the global miner with its red-coloured cash cow. However, Rinehart's desire to have the Rio head office moved to Perth amounts to wishful thinking from Australia's iron ore queen. Instead, Trott will be relocated to London. The appointment of an Australian punctuates a line of chief executives who hailed from the ranks of global citizens – the most recent of whom was the Danish Stausholm, who left after speculation he had experienced a falling out with Rio chairman Dominic Barton. Loading Stausholm had filled the vacancy left by Frenchman Jacques. He followed Australian Sam Walsh, who had a brief three-year stint in the role after American Tom Albanese was ousted after a series of ill-fated acquisitions left the company with a $14 billion writedown. Trott will usher in a new phase of Rio's progress, including productivity improvements on existing operations during a time when the iron ore price is under pressure. He needs to continue his task of ensuring improvements in the running and the cost base of the Pilbara iron ore engine, but also manage the introduction into the market of ore from the giant Simandou project in Guinea, in which Rio owns a minority stake alongside its Chinese partners. (This could make the joint venture with Rinehart look like a walk in the park.) Loading Additionally, Trott will have to tackle the numerous challenges of Mongolia's 66 per cent-owned copper and gold mine, which could be one of the world's top five copper mines if developed to its full potential, at a time when the commodity is expected to be in hot demand. This involves dealing with the difficult relationship with the Mongolian government with whom the company is still battling over a tax dispute and historical claims of corruption. And all this needs navigating in the middle of the Trump era of trade upheaval.
Sydney Morning Herald
27 minutes ago
- Sydney Morning Herald
Corporate fairytale: How a boy from the bush rose to run world's third-largest mining giant
Given the size of the iron ore division and its importance to Rio's profit, Trott became a highly important visible executive who would have enormous exposure to the London-based board and to shareholders. Being a global mining house, Rio has a shareholder base that reflects its international citizenship, which is unlikely to be concerned about the nationality of its chief executive but who are supportive of Trott's elevation to the top. But King and Rinehart (whose own mining company has joint venture iron ore operations with Rio) both sit alongside a wider movement to move Rio's base from London to Australia, where its iron ore division provides the global miner with its red-coloured cash cow. However, Rinehart's desire to have the Rio head office moved to Perth amounts to wishful thinking from Australia's iron ore queen. Instead, Trott will be relocated to London. The appointment of an Australian punctuates a line of chief executives who hailed from the ranks of global citizens – the most recent of whom was the Danish Stausholm, who left after speculation he had experienced a falling out with Rio chairman Dominic Barton. Loading Stausholm had filled the vacancy left by Frenchman Jacques. He followed Australian Sam Walsh, who had a brief three-year stint in the role after American Tom Albanese was ousted after a series of ill-fated acquisitions left the company with a $14 billion writedown. Trott will usher in a new phase of Rio's progress, including productivity improvements on existing operations during a time when the iron ore price is under pressure. He needs to continue his task of ensuring improvements in the running and the cost base of the Pilbara iron ore engine, but also manage the introduction into the market of ore from the giant Simandou project in Guinea, in which Rio owns a minority stake alongside its Chinese partners. (This could make the joint venture with Rinehart look like a walk in the park.) Loading Additionally, Trott will have to tackle the numerous challenges of Mongolia's 66 per cent-owned copper and gold mine, which could be one of the world's top five copper mines if developed to its full potential, at a time when the commodity is expected to be in hot demand. This involves dealing with the difficult relationship with the Mongolian government with whom the company is still battling over a tax dispute and historical claims of corruption. And all this needs navigating in the middle of the Trump era of trade upheaval.
ABC News
an hour ago
- ABC News
Jury hung majority of charges against Guy Sebastian's former manager Titus Day
The embezzlement trial of Guy Sebastian's former manager has ended in a jury acquitting Titus Day of four charges but remaining hung on the majority of allegations that he misappropriated hundreds of thousands of dollars in performance fees. The 52-year-old pleaded not guilty to 34 counts of embezzlement as a clerk or servant and one count of obtaining a financial advantage by deception. The NSW District Court heard allegations Mr Day embezzled $620,000 from the popular singer between 2013 and 2020. His defence team argued the Crown had failed to disprove whether any misapplication of funds was not deliberate but rather a mistake. The jury had been deliberating for more than a week when it returned unanimous not guilty verdicts on four embezzlement charges on Tuesday. Those four charges accounted for about $114,000. In a note to Judge Alister Abadee, the jurors said they felt that further deliberations would be "wasting the court's valuable time". The judge urged them to continue deliberating, with the option of returning majority 11-1 verdicts if unanimous decisions were not possible. On Wednesday the panel sent another note indicating they remained deadlocked, and the foreperson confirmed they would not reach either unanimous or majority decisions. Judge Abadee discharged the panel, thanking them for their service. During the trial, jurors were told Mr Day was being paid "very well", with the singer giving evidence he was paying about half a million dollars a year to a company called 6 Degrees for Mr Day's management. Mr Sebastian signed on when Mr Day decided to start his own agency, as a "marquee client" that could almost guarantee income. Crown Prosecutor Brett Hatfield SC said it was clear 6 Degrees was "not run well" and ended up going broke. He urged jurors to "not lose sight of the big picture" when considering the individual charges, arguing that the accused "knew that what he was doing was fraudulently misappropriating the money". "In each instance, in relation to each count, there was a clear failure and circumstances of dishonesty to render the activity fraudulent," Mr Hatfield said in his closing address. The allegations have also been at the centre of civil proceedings between the two men. Defence counsel Thomas Woods said the entire prosecution was "misconceived" and questioned why police didn't leave the two men to "battle it out in the Federal Court". The barrister said whenever Mr Day held onto money that came into the 6 Degrees account, it was because he believed he was entitled to do so. In a closing address, Mr Woods said jurors should consider the evidence through the lens that his client was running a lawful and legitimate business. "He wasn't some kind of crime boss who was intent on the ruthless exploitation of innocent people. He was not and is not some Ned Kelly-type of person." Mr Woods said a charge of fraud could not be made out by showing that a business was run in a "sloppy way" or that a person was "careless or even negligent". "You might think that this is an unfortunate case involving a dramatic falling out between friends and the breakdown of a previously mutually successful business relationship," he said. "You might think that both parties to this dispute sincerely believe that they are in the right." The civil case was put on hold until the end of the criminal proceedings. This was the second time Mr Day faced trial over embezzlement allegations. A previous jury found him guilty of 35 charges and cleared him of 13 others, but the convictions were quashed on appeal and a retrial was ordered. The case will now return to court for a mention and the DPP will need to decide whether the matter will go to another retrial. Mr Day remains on bail.
