Qantas Confirms Cyberattack Data Leak Affecting 5.7 Million Customers

Australian airline Qantas announced on Sunday that data from approximately 5.7 million customers has been leaked online following a significant cyberattack earlier this year. This breach is part of a larger incident reportedly affecting numerous companies, including major corporations like Disney and Google.

In July, Qantas revealed that hackers had compromised one of its customer contact centers, gaining access to a computer system managed by a third-party vendor. The stolen information includes customer names, email addresses, phone numbers, and birthdays. Qantas emphasized that sensitive financial details, such as credit card numbers and passport information, were not stored in the compromised system.

The third-party vendor implicated in the breach is believed to be Salesforce, which acknowledged last week that it was aware of extortion attempts by cybercriminals. According to AFP, the hackers have also targeted multiple other firms, including IKEA, Toyota, and airlines such as Air France and KLM.

In a statement, Qantas noted, “With the help of specialist cyber security experts, we are investigating what data was part of the release.” The airline has sought legal action through the Supreme Court of New South Wales to prevent the stolen data from being accessed or disseminated by any party, including third parties.

Cybersecurity analysts have linked this incident to the Scattered Lapsus$ Hunters, a group of cybercriminals responsible for a series of high-profile data breaches. Research group Unit 42 reported that the group has claimed responsibility for targeting customer accounts on Salesforce as part of a coordinated effort to extract data and demand ransom. The hackers have reportedly set a deadline of October 10, 2023, for any ransom payment.

Threat intelligence platform FalconFeeds reported that the stolen customer data was posted on the dark web over the weekend, raising concerns about the potential misuse of this information. Other companies, including Vietnam Airlines and Gap, have also reportedly experienced data leaks in connection with this cyberattack.

Experts suggest that the hackers utilized social engineering techniques to execute the breach, manipulating individuals by posing as trusted company representatives. As the investigation continues, Qantas is working diligently to secure its systems and protect its customers’ information.

The ramifications of this incident extend beyond Qantas, highlighting the ongoing vulnerabilities faced by organizations relying on third-party systems. As data privacy remains a growing concern, the airline and its partners are under pressure to enhance their cybersecurity protocols to prevent future breaches.