Australian airline Qantas says customer data stolen by cybercriminal
The company said in a statement that a cybercriminal targeted one of its call centers on Monday and gained access to a third-party customer service platform that holds records for 6 million passengers. Qantas apologized to customers and said that while it's still investigating the proportion of data stolen, 'we expect it will be significant.' However, the system that was breached did not contain credit card and passport details or other personal financial information. Frequent flyer accounts weren't compromised and security credentials were not accessed, Qantas said.
Qantas, Australia's biggest airline, said there is no impact on operations or safety. 'We sincerely apologize to our customers and we recognize the uncertainty this will cause,' CEO Vanessa Hudson said in a statement. Qantas said it has tightened up security measures and notified Australian cyber and data privacy authorities and the federal police.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Al Arabiya
2 days ago
- Al Arabiya
Australian airline Qantas says customer data stolen by cybercriminal
Australian airline Qantas said Wednesday that a hacker made off with a trove of customers' personal data, including passenger names, emails, phone numbers, birth dates, and frequent flyer numbers. The company said in a statement that a cybercriminal targeted one of its call centers on Monday and gained access to a third-party customer service platform that holds records for 6 million passengers. Qantas apologized to customers and said that while it's still investigating the proportion of data stolen, 'we expect it will be significant.' However, the system that was breached did not contain credit card and passport details or other personal financial information. Frequent flyer accounts weren't compromised and security credentials were not accessed, Qantas said. Qantas, Australia's biggest airline, said there is no impact on operations or safety. 'We sincerely apologize to our customers and we recognize the uncertainty this will cause,' CEO Vanessa Hudson said in a statement. Qantas said it has tightened up security measures and notified Australian cyber and data privacy authorities and the federal police.
Saudi Gazette
2 days ago
- Saudi Gazette
Qantas cyber hack could have stolen ‘significant' amount of data from six million customers
SYDNEY — Australian airline Qantas says a data hack on Monday exposed the personal information of six million customers and it expects the amount stolen to be 'significant.' The hack penetrated a third-party customer service platform used by a Qantas contact center, the airline said in a statement on Wednesday. Six million customers have service records on the platform – with data including some of their names, email addresses, phone numbers, birth dates and frequent flyer numbers. However, the platform does not contain any customer credit card details, financial information or passport details, Qantas said. After Qantas detected 'unusual activity' on the platform, it took action and 'contained' the system, it said. The statement said all Qantas systems are now secure, and there is no impact to the company's operations or safety. It's not clear exactly how much data was stolen, 'though we expect it to be significant,' the airline said. It is now working to support affected customers, and is cooperating with the Australian Cyber Security Centre, Australian Federal Police and independent cybersecurity experts on the investigation. 'We sincerely apologize to our customers and we recognize the uncertainty this will cause. Our customers trust us with their personal information and we take that responsibility seriously,' said Qantas CEO Vanessa Hudson in the statement.'We are contacting our customers today and our focus is on providing them with the necessary support.'Qantas' share price was down 3.5% in morning trading, against a 0.4% gain in the broader market, according to has seen a series of major cyberattacks and company hacks in recent years. In 2019, a cyberattack targeted Australia's ruling and opposition parties less than three months before a national election. Two years later, broadcaster Nine News suffered a cyberattack that forced a number of live shows off air – calling it the largest cyberattack on a media company in Australia's recently in 2022, cybercriminals in Russia conducted a ransomware attack on Medibank, one of Australia's largest private health insurers. Sensitive personal data, including health claims information, was stolen from 9.7 million customers – some of which was then released onto the dark year, Australia publicly named and imposed sanctions on a Russian national for his alleged role in the attack. He was an alleged member of the Russian ransomware gang REvil, which had previously launched large attacks on targets in the United States and elsewhere, before Russian authorities cracked down in 2022 and detained multiple people. — CNN
Asharq Al-Awsat
3 days ago
- Asharq Al-Awsat
Iran-Linked Hackers Threaten to Release Trump Aides' Emails
Iran-linked hackers have threatened to disclose more emails stolen from US President Donald Trump's circle, after distributing a prior batch to the media ahead of the 2024 US election. In online chats with Reuters on Sunday and Monday, the hackers, who go by the pseudonym Robert, said they had roughly 100 gigabytes of emails from the accounts of White House Chief of Staff Susie Wiles, Trump lawyer Lindsey Halligan, Trump adviser Roger Stone and porn star-turned-Trump antagonist Stormy Daniels. Robert raised the possibility of selling the material but otherwise did not provide details of their plans. The hackers did not describe the content of the emails. Halligan, Stone, a representative for Daniels and the US cyberdefense agency CISA did not immediately respond to requests for comment. The White House and the FBI responded with a statement from FBI Director Kash Patel, who said: "Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law." Iran's mission to the United Nations did not immediately return a message seeking comment. Tehran has in the past denied committing cyberespionage. Robert materialized in the final months of the 2024 presidential campaign, when they claimed to have breached the email accounts of several Trump allies, including Wiles. The hackers then distributed emails to journalists. Reuters previously authenticated some of the leaked material, including an email that appeared to document a financial arrangement between Trump and lawyers representing former presidential candidate Robert F. Kennedy Jr. - now Trump's health secretary. Other material included Trump campaign communication about Republican office-seekers and discussion of settlement negotiations with Daniels. Although the leaked documents did garner some coverage last year, they did not fundamentally alter the presidential race, which Trump won. The US Justice Department in a September 2024 indictment alleged that Iran's Revolutionary Guards ran the Robert hacking operation. In conversations with Reuters, the hackers declined to address the allegation. After Trump's election, Robert told Reuters that no more leaks were planned. As recently as May, the hackers told Reuters, "I am retired, man." But the group resumed communication after this month's 12-day air war between Israel and Iran, which was capped by US bombing of Iran's nuclear sites. In messages this week, Robert said they were organizing a sale of stolen emails and wanted Reuters to "broadcast this matter." American Enterprise Institute scholar Frederick Kagan, who has written about Iranian cyberespionage, said Tehran suffered serious damage in the conflict and its spies were likely trying to retaliate in ways that did not draw more US or Israeli action. "A default explanation is that everyone's been ordered to use all the asymmetric stuff that they can that's not likely to trigger a resumption of major Israeli/US military activity," he said. "Leaking a bunch more emails is not likely to do that." Despite worries that Tehran could unleash digital havoc, Iran's hackers took a low profile during the conflict. US cyber officials warned on Monday that American companies and critical infrastructure operators might still be in Tehran's crosshairs.
