Australia's privacy watchdog warns ‘vishing' on the rise as Qantas strengthens security after cyber-attack
In an update to customers on Thursday, the airline said more security measures would be put in place after cybercriminals were able to gain access to a third-party system used by a Qantas airline contact centre to steal customers' personal information.
'We're … putting additional security measures in place to further restrict access and strengthen system monitoring and detection,' the company said.
Qantas began emailing affected customers on Wednesday evening, but had not indicated as of Thursday afternoon whether any compensation would be provided to those who had their personal information compromised.
Cybersecurity analysts indicated to Guardian Australia that, as of Thursday afternoon, the data had not yet been posted on forums or dark web locations that attackers commonly frequent.
The alleged culprit of the attack has yet to be identified but has similarities to a ransomware group known as Scattered Spider. The group has targeted airlines in the US in recent weeks by engaging in what are called social engineering attacks, or 'vishing'. They involve calling the IT support for large companies, often impersonating employees or contractors to deceive IT help desks into granting access and bypassing multi-factor authentication.
Sign up for Guardian Australia's breaking news email
An Office of the Australian Information Commissioner (OAIC) report on data breaches, released in May and covering the second half of last year, noted a rise in the number of social engineering attacks resulting in data breaches in Australia. The attacks made up 28% of all reported breaches resulting from malicious or criminal attacks.
The OAIC noted at the time that the 'significant increase' was particularly significant within Australian government agencies, which reported 60 out of the 115 breaches of that kind – a 46% increase on the previous six months.
Google's threat intelligence report in recent months has also warned of multiple threat actors using these methods to get into companies' systems.
In a June update, Nick Guttilla, from Google's Mandiant threat intelligence, said threat actors first build up intelligence on their target, reviewing employee positions and titles, information about their networks, cloud and email providers, and searching for publicly exposed documentation.
Some of this information can be found on company websites, as well as social media like LinkedIn.
From there, threat actors may test the IT service desk, which would routinely deal with a high volume of calls from staff needing help on password resets. According to Guttilla, attackers will see how far they can get before a staff member requests ID verification, feigning ignorance of the process to see if the staff member will relent and forgo normal procedure.
Sign up to Breaking News Australia
Get the most important news as it breaks
after newsletter promotion
An attacker may also pretend their phone is unavailable and that they need urgent account access.
In some attacks, they persuade an employee to install an application that helps exfiltrate the data from a system quickly. It is unknown at this stage if this is what happened in the Qantas breach.
Guttilla said training staff to rigorously perform ID checks on all calls, particularly for privileged accounts with more systems access, was critical.
The minister responsible for cybersecurity, Tony Burke, did not confirm whether the Qantas attack was associated with the Scattered Spider group, but said he had been briefed and would allow the cybersecurity agencies to make announcements on any alleged culprits.
'The reality is with these networks, they'll go where they can find vulnerability,' he said.
Burke said when companies relied on third parties for their systems, it made their cybersecurity obligations 'more complex'.
The Australian Signals Directorate was approached for comment.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Finextra
4 hours ago
- Finextra
Mogoplus raises funds for agentic AI in lending
Sydney based AI and data Insights provider Mogoplus has raised AU$1.5m in funding from London based New Model Venture Capital Group. 0 This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author. The funding will be deployed to expand the award-winning scale-up's existing AI based credit Insights portfolio and help it expand into other emerging open data markets and verticals globally. MOGOPLUS provides vertical agentic AI solutions into the financial services sector, with a specialisation across the lending and credit lifecycle. Enabling banks and credit providers to automate large parts of their workflows, the MOGOPLUS agentic credit decisioning suite dramatically lowers loan origination costs, and facilitates quicker, more accurate lending decisions. Existing customers include 2 of Australia's Tier 1 Banks, a large Middle Eastern Bank, Customer Owned Mutuals, Credit Unions and a raft of Digital Lending Platforms and Non-Bank Lenders. The funding will allow for additional commercial reach to meet the growing market demand in the agentic AI space and increase development of the range of AI solutions outside of the banking and finance arena. A further funding round to accelerate this growth is also now being structured. Commenting on the raise, MOGOPLUS CEO Mike Page said 'We are thrilled to continue our long-term relationship with New Model as we begin this new chapter of growth.' As the AI agent market continues to mature and enterprises experience the strategic value of utilising a digital workforce in process heavy and manual workflows, the next wave of innovation will utilse a combination of domain expertise and explainable multi-agent architecture. Our decade of expertise in making sense of unstructured financial data positions MOGOPLUS well for this exploding global market. Although the banking and financial services sector provides significant opportunity for us to continue to grow, we are now also seeing interest in our agentic solutions across other verticals such as Telecommunications, Insurance, Wealth, and Loyalty. Having New Models' market reach, expertise, and support to achieve this creates an ideal partnership' New Model's CEO and Founder James King added 'We're delighted to continue backing Mike and the MOGOPLUS team as they scale their proven agentic AI solutions into new markets. Their deep expertise in financial data and strong customer traction with major banks positions them perfectly to capitalise on the explosive growth in enterprise AI adoption.' According to a recent report the AI Agent market is projected to grow from USD$7.84bn in 2025 to USD$52.62bn in 2035. A CAGR of 46.3%. The report states that the market expansion 'will be boosted by industry specific adoption in sectors like healthcare, retail and finance, where agents can tailor interactions, shorten response times and handle intricate regulatory processes Vendors who can create and deliver these specialised intelligent agents will gain a competitive edge, as these systems are integrated into specialist business functions'.
Daily Mail
6 hours ago
- Daily Mail
Shocking scenes as protesters storm a Israeli restaurant in Melbourne - as a Jewish synagogue is torched nearby
A group of pro-Palestine protesters have terrorised shocked diners by storming a restaurant in Melbourne 's CBD - as an arsonist targeted a nearby synagogue. The chaotic scenes unfolded at the Israeli-owned Miznon eatery on Hardware Lane, where up to 20 protesters hurled chairs, food, and glassware at the venue while chanting 'death to the IDF'. Footage shared online showed the breakaway group throwing bollards on their way to the restaurant after a separate protest involving 80 attendees in nearby Swanson Street. When the masked protesters arrived, diners can be heard screaming as furniture and tables are overturned Protesters were then seen clashing with dozens of police after they arrived on scene. One protester was arrested for hindering police and released on summons. 'Several other protestors were spoken to by police and had their identities clarified for the purpose of follow up investigation,' a spokeswoman told Daily Mail Australia. 'Victoria Police continued to support the rights of Victorians to protest peacefully but will not tolerate the kind of anti-social and violent behaviour that was witnessed this evening.' The chaotic scenes shocked diners. Other restaurants in Hardware Lane were also damaged. 'Then they started getting aggressive, throwing tomatoes, chairs, and glasses. They caused lots of damage to the businesses down here,' a diner told the Herald Sun. Just half an hour earlier, a synagogue in East Melbourne was set on fire, which police are treating as suspicious. A man entered the synagogue grounds on Albert Street about 8pm, poured a flammable liquid on the front door, and ignited it before fleeing on foot. About 20 people inside the synagogue at the time. No injuries were reported. Firefighters quickly contained the fire to the entrance, which prevented further damage. Police are working with synagogue members and Jewish community representatives to provide support following the distressing attack. An arson specialist has been called in to assist in determining the cause, and police are reviewing local CCTV footage as part of their ongoing investigations. Victoria Police stressed that anti-Semitic and hate-based behaviour would not be tolerated and that both incidents are being treated with the utmost seriousness. Australian Jewish Democratic Society has condemned both incidents. 'The AJDS utterly and totally condemns the mob action by masked people protesting against the presence of the Miznon restaurant in Melbourne,' it posted online late Friday night. 'Around the same time, there was an attempted arson of the historic Eastern Melbourne Synagogue not far away by masked people. This is an appalling act against the whole Jewish community 'We hope all those responsible are caught and prosecuted.' Police urge anyone with information, footage or CCTV of either incident to come forward.
Daily Mail
6 hours ago
- Daily Mail
EXCLUSIVE I saw something was wrong with the alleged child care monster when he was looking after my kid three years ago - but there was a huge reason why I couldn't raise the alarm
A horrified father has admitted he had grave fears about his son's 'weird and creepy' childcare worker three years before the alleged monster was arrested for sickening crimes against children. But the devastated dad told Daily Mail Australia he didn't raise the alarm for fear of being branded homophobic for speaking out against Joshua Dale Brown, 26. The man's child was two years old when he was placed in Brown's care at Creative Garden Early Learning Centre Point Cook, in Melbourne 's west, for a year in 2022. Brown has since been charged with more than 70 child sex offences, including the sexual penetration of a child and producing child abuse material. Brown was described as socially withdrawn and unsettling around children by the father-of-one, who said he always had a bad feeling about Brown. He said Brown would regularly wear inappropriate 'skin-tight jeans and leather boots' to work in the childcare centre and went out of his way to avoid the boy's dad. The father said Brown also refused to make eye contact and dodged any conversation with the parent. 'I would try and interact with Josh when I dropped my son off and chat, and he would always turn his head and never look me in the eye,' he said. 'It was strange. 'He acted shady, would just look away or at the floor, and my son never wanted to go to him, but he would run to the other educators. 'I spoke to my wife about it and said something is not right here. 'But I was worried if I followed up, I'd be "that guy" and labelled homophobic, which I am not.' 'I had no proof and what could I say? "He wears skin tight skinny jeans and leather boots with one-inch heels and looks like he is going clubbing, not to work?" 'I didn't want to be that person.' The family was among hundreds who received a text from the Department of Health and Victoria Police on Tuesday about the investigation into 'alleged incidents in childcare centres'. 'We understand this may be upsetting, and we want to assure you that help is available,' it read. The text also explained they would receive an email with more information. 'I just thought there must have been something weird that happened in our area, but later I saw an article with Josh's name and photo,' he said. 'And bang, it was out there and I remember just thinking this can't be real. 'I messaged my wife and told her she better sit down before sending it to her and I just thought back to seeing him every morning and knowing that guy was shady.' Brown was also charged with recklessly contaminating goods to cause alarm or anxiety, which is understood to refer to the alleged contamination of food with bodily fluids. 'I know the chef who was there at that time and she had a child who was attending there too,' he added. 'She would be devastated and is an alleged victim too. So many people have got life sentences from what he has allegedly done.' Brown's charges relate to his employment at the day-care where he worked between October 2021 and February 2024, though he also worked at more than a dozen other centres across Melbourne between 2017 and 2025. Police said the alleged victims were between five months and two years of age. After the news broke and the parents of 1,200 children were urged to have them tested for infectious diseases, the dad rushed to collect his son who is still attending the same daycare. 'I picked him up on Tuesday and said, "Do you remember Josh?" and asked if he ever hurt him, and he said, "No", and I didn't want to push it any further. 'When my wife was watching the news, he said, "There is my school, oh look there is Josh" and my wife and I talked about it again and decided not to go into it with him. 'I feel like he would have said something. He is a talkative child and we also know that his behaviour didn't change either. 'He wasn't quiet around that time or not himself - he hasn't changed.' While the dad believes his family may have had a lucky escape from the alleged crimes committed against at least eight other children, he feels for the staff and other parents involved. 'I'm disgusted. How can anyone do that? What the hell goes through your head?' he said. 'I'm angry and upset and hurt - it's a rollercoaster of different emotions. 'I feel so awful for the people who have to get tested and wait for the results, and my heart goes out to the other educators.' The father said he has offered support to the women educators at the centre who he said have cared for his son 'like their own' since he was a baby. 'This is not on them. They didn't know - they are mums themselves. I have asked them if they were ever suspicious like me. 'But they just thought he was really great with the kids,' the dad said. The Victorian government is already reviewing the state's Working With Children Check system and has now ordered the early childhood regulator to investigate the conduct of the childcare operators who employed Brown. Although there have been calls to ban men from working in the industry, with a class action already underway over the allegations, the dad doesn't believe that's the answer. 'Kids benefit a lot from having another male role model in their lives,' he insisted. 'They just need to do more thorough background checks and look deeper into who these people are. 'I don't think it's appropriate to sue anyone. It's unfortunate it allegedly happened, and Josh deserves everything he gets if he is convicted. 'But there are so many other people who are struggling. They may lose their jobs, and they have families to feed too.'
