Qantas says 6 million airline customers' data impacted by cyberattack
July 2 (UPI) -- Australian airline Qantas announced Wednesday that it was targeted by a cyberattack that led to the data of six million customers being exposed.
The company said its system has been "contained" after it detected a "cybercriminal" had breached a third-party customer servicing platform on Monday.
Qantas said all its systems remain secure, and the airline is reaching out to customers to apologize and make them aware of what happened.
The Australian Cyber Security Center and the Office of the Australian Information Commissioner have also been notified, as has the Australian Federal Police.
Furthermore, Qantas said it has put "additional security measures" in place to "restrict access and strengthen system monitoring and detection," but it is unclear what those measures entail.
The company said there are six million customers who have service records in its platform, and that data stolen includes customer names and contact information, as well as birth dates and frequent flyer numbers.
Qantas' Group Chief Executive Officer Vanessa Hudson gave an apology to customers in the release.
"Our customers trust us with their personal information and we take that responsibility seriously," Hudson said.
None of Qantas' operations were affected in the incident. Customers can connect with a team that provides specialist identity protection advice and resources and can call them on the airline's dedicated support line.
The FBI announced Friday that a cybercriminal group called Scattered Spider was "expanding its targeting to include the airline sector" by deceiving IT help desks into thinking its hackers are employees or contractors and granting them system entry.
Once inside, the FBI alleges that "Scattered Spider actors steal sensitive data for extortion and often deploy ransomware." Canada's WestJet airline company and Hawaiian Airlines had already reported security infiltrations in June.
Qantas has not confirmed if Scattered Spider was behind their breach.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Wire
an hour ago
- Business Wire
CyberCube Flags Sectors at Highest Risk for Scattered Spider Attacks
LONDON--(BUSINESS WIRE)--CyberCube, the global leader in cyber risk analytics, has identified Manufacturing, Education, IT, and Retail as the sectors most at risk of attacks from Scattered Spider, the versatile extortion crew behind the recent spate of high-profile hacks. Scattered Spider has evolved from a newly identified social‑engineering crew in 2022 into one of the most aggressive ransomware‑and‑extortion outfits on today's threat landscape. Since April this year, Scattered Spider has been moving swiftly across industries, leaving financial losses in its wake. The group has expanded its campaigns across seemingly unrelated sectors, including retail, insurance, and airlines, using sophisticated social engineering tactics such as help desk impersonation and authentication bypass to infiltrate high-value corporate networks. Cyber risk exposure managers can leverage CyberCube's Portfolio Threat Actor Intelligence (PTI) solution to pinpoint organizations in their portfolios most at risk of being targeted by Scattered Spider. CyberCube has analyzed a portfolio of approximately 15,000 companies from key global markets, segmenting them into risk tiers based on their exposure to Scattered Spider, specifically their technology footprint and observed security weaknesses. The analysis found that 2% of companies with revenues over $500 million across eight key cyber (re)insurance markets — USA, UK, Canada, Australia, Germany, France, Japan, and Singapore — face the highest likelihood of being targeted by Scattered Spider. CyberCube identified 287 high-risk companies (2%) that use three or more technologies frequently targeted by Scattered Spider, combined with security lapses the group is known to exploit. Notably, high-risk companies also tolerate security conditions that may allow the threat actor to complete critical steps across the attack lifecycle and ultimately achieve their objectives. Medium-risk companies (1,037, or 7%) use at least one of the group's preferred technologies and exhibit security weaknesses that could enable only partial progression through the attack lifecycle. In a blog published online, CyberCube has also provided an industry breakdown of the high-risk companies for potential Scattered Spider attacks. William Altman, Head of Cyber Threat Intelligence Services and blog author, said: 'CyberCube's analysis reveals both a current cluster of elevated risk in the market and a strategic opportunity for cyber (re)insurers to act preemptively by managing exposure and incentivizing better security before Scattered Spider strikes again. For portfolio managers, our findings reinforce the need to move beyond broad sector assumptions and focus on mapping technological and security posture overlaps across seemingly unrelated sectors and insureds.' Portfolio Threat Actor Intelligence (PTI) harnesses the power of Artificial Intelligence (AI) to map the behaviour of cyber threat actors and the technologies they most frequently target. It is included as part of the CyberCube Concierge Threat Intelligence service — a first-of-its-kind offering designed specifically for the unique needs of cyber (re)insurers, built by experts in cyber threat intelligence, risk, and insurance. CyberCube's blog can be found here: CyberCube: 2% of Large Firms at Highest Scattered Spider Risk. About CyberCube CyberCube is the leading provider of software-as-a-service cyber risk analytics to quantify cyber risk in financial terms. Driven by data and informed by insight, we have harnessed the power of artificial intelligence to supplement our multi-disciplinary team. Our clients rely on our solutions to make informed decisions about managing and transferring cyber risks. We unpack complex cyber threats into clear, actionable strategies, translating cyber risk into financial impact on businesses, markets, and society as a whole. The CyberCube platform was established in 2015 within Symantec and now operates as a standalone company. Our models are built on an unparalleled ecosystem of data and validated by extensive model calibration, internally and externally. CyberCube is the leader in cyber risk quantification for the insurance industry, serving over 100 insurance institutions globally. The company's investors include Forgepoint Capital, HSCM Bermuda and Morgan Stanley Tactical Value. For more information, please visit or email info@
Yahoo
5 hours ago
- Yahoo
Two arrested over ‘Chinese blessing scams' targeting elderly Asian women in Australia
Two alleged fraudsters accused of swindling an elderly woman out of tens of thousands of dollars in cash have been arrested by Australian police investigating a spate of 'Chinese blessing scams.' Chinese blessing scams have been reported worldwide for the last 25 years or so, including in the United States, the United Kingdom, Canada and New Zealand. Offenders typically target elderly Asian women and convince them that a member of their family is cursed or in danger. Victims are told the only way to ward off negative spirits is to have their wealth blessed. 'It's a robbery by stealth. These offenders swarm these vulnerable victims, usually Asian, older females. They swarm like a pack of hyenas,' said New South Wales Police Detective Superintendent Guy Magee. A 63-year-old woman was detained at Sydney International Airport Thursday after 'extensive inquiries' by Strike Force Sentinel, a special task force formed in April to investigate 80 reports of the scams, involving the alleged theft of 3 million Australian dollars ($2 million). She's been charged with a number of offenses. Her alleged accomplice, a 63-year-old man, was detained Friday at Brisbane Airport as he attempted to leave Australia on a flight to China. He's expected to be charged soon. Detective Superintendent Magee said Friday the alleged perpetrators of Chinese blessing scams are targeting the entire east coast of Australia. 'They'll fly in. They'll prey on the vulnerable in their own community. They'll capitalize on the vulnerabilities of that community around superstition,' he said. Typically, the elderly victim is taken to someone purporting to be a spiritual healer, who tells them to put their money and valuables in a bag. 'They will convince them that it's been blessed, and they'll tell them not to open that bag for a period of time, up to months. And if they do, they will come across bad fortune,' said Magee. 'Unfortunately, the victims are opening those bags to find their money and jewelry is simply not in there. It's disgraceful.' The two suspects arrested this week are accused of defrauding a 77-year-old woman of cash and jewelry worth 130,000 Australian dollars ($85,000) in the western Sydney suburb of Parramatta in June. NSW Police say they believe 50 people are involved in the scam, and they've identified 25 suspects by name. Another 25 people have been seen on camera allegedly taking part. Eleven arrest warrants have been issued. 'It's like a role play. There's nothing by chance in what they do, they all have deliberate roles,' said Magee. He said police believe the crime is 'profoundly underreported' due to the victims' embarrassment and shame about being conned. The number of cases is 'probably double' police estimates, he added. Last November, New Zealand Police arrested three Chinese nationals as they attempted to leave the country on flights to China after allegedly stealing thousands of dollars. Police allege the trio arrived in the country that October and within days started targeting elderly members of the community. The alleged scammers conned two victims out of about 30,000 New Zealand dollars ($18,000) in cash and jewelry, police said in a statement. A 'substantial amount' of money was retrieved, they added. NSW Police issued advice to the community to beware of people asking directions to a Chinese herbal doctor or spiritual healer. 'Do not bring strangers home,' the advice said. Do not hand any valuables to strangers and 'do not put money or jewellery in a bag for any blessing ritual,' it added.
Yahoo
8 hours ago
- Yahoo
Qantas hit by ‘significant' cyberattack, data breach of 6 million customers days after FBI warning to airlines
Qantas said on Wednesday it is contacting customers after a cyberattack targeted a third-party customer service platform that stored the personal data of 6 million customers. No tax on tips or overtime, with a catch: What to know as Trump's 'big, beautiful bill' passes the Senate 'Alligator Alcatraz' merch appears on Amazon and Florida GOP website, making light of controversial facility Psychologists now know exactly what makes someone cool. Turns out, the definitions are universal Here's what you need to know. On Monday June 30, Australia's largest airline detected 'unusual activity' on a third-party platform. It took 'immediate steps and contained the system,' according to a statement. 'We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant,' Qantas said in that statement. 'An initial review has confirmed the data includes some customers' names, email addresses, phone numbers, birth dates, and frequent-flier numbers.' The database did not contain credit card, personal financial information, or passport details. In addition, Qantas said that no frequent-flier accounts, passwords, personal identification numbers, or login details were accessed. The Australian airline giant said it is putting additional security measures in place to further restrict access and strengthen monitoring and detection as it investigates whether the cybercriminal group Scattered Spider is responsible for the attack, according to the Financial Times. The attack comes days after the FBI warned that the group had started to target global airlines. The warning followed recent cyberattacks on Hawaiian Airlines and Canada's WestJet, the Financial Times reported. Scattered Spider is thought to have conducted a number of high-profile data breaches, including an attack on U.K. retailer Marks and Spencer. Qantas Group CEO Vanessa Hudson said the airline was working closely with the federal government's national cybersecurity coordinator, the Australian Cyber Security Centre, and independent specialized cybersecurity experts. The airline said it was contacting all customers affected by the data breach. Customers can contact Qantas's dedicated support line at +61 2 8028 0534 with any questions. Shares of Qantas (ASX: QAN) fell 2.2% on Wednesday after the Australian airline confirmed the cyberattack. The airline, which trades on the Australian Securities Exchange (ASX), has a market capitalization of AU$15.91 billion (US$10.47 billion). In February, it reported its half-year earnings results for the period ending December 31, 2024, with an increase in underlying pretax profits, up 11% to AU$1.39 billion (US$914 million), and earnings per share (EPS) of AU$0.63 (US$0.41), up 21%. This post originally appeared at to get the Fast Company newsletter:
