Qantas Confirms Major Data Leak Affecting 5.7 Million Customers

Australian airline Qantas has confirmed that data from approximately 5.7 million customers has been leaked online following a significant cyberattack earlier this year. The breach, which initially targeted one of Qantas’ customer contact centres, involved unauthorized access to sensitive customer information, including names, email addresses, phone numbers, and birth dates. The airline emphasized that critical details such as credit card numbers and passport information were not stored in the compromised system.

The breach, reported in July, implicated a third-party software provider, identified by sources as Salesforce. This company recently acknowledged facing extortion attempts from cybercriminals and is working to address the situation. In a statement, Qantas noted, “With the help of specialist cyber security experts, we are investigating what data was part of the release.”

Broader Implications of the Cyberattack

The data leak is part of a larger trend affecting numerous organizations globally. Other victims include prominent companies like Disney, Google, IKEA, Toyota, McDonald’s, and airlines such as Air France and KLM. The cyberattack has been attributed to a group of hackers known as Scattered Lapsus$ Hunters, who have claimed responsibility for infiltrating customer accounts on the Salesforce platform.

Research group Unit 42 detailed that this group coordinated efforts to steal data and hold it for ransom, reportedly setting a payment deadline of October 10. Cybersecurity analysts have indicated that the hackers utilized social engineering tactics, manipulating victims by impersonating trusted company representatives.

In response to the breach, Qantas has pursued legal measures, obtaining an injunction from the Supreme Court of New South Wales. This legal action aims to prevent the stolen data from being accessed, viewed, released, or used by any parties, including third parties.

Impact on Customers and Industry Response

Threat intelligence platform FalconFeeds reported that the stolen customer data began appearing on the dark web over the recent weekend. The implications of this leak extend beyond Qantas, with other affected companies including Vietnam Airlines, clothing giant Gap, and Japanese multinational Fujifilm.

As companies face increasing threats from cybercriminals, the Qantas incident highlights the vulnerability of sensitive customer information in today’s digital landscape. The airline’s proactive measures, including the engagement of cybersecurity experts and legal action, reflect an urgent response to mitigate potential damage and protect customer data.

The ongoing investigation continues to unfold as Qantas works to address the ramifications of the breach and reassure its customers about the safety of their information.