Qantas Airlines confirms massive customer data breach in cyber-intrusion targeting their call center
In a concerning turn of events, the Australian airline Qantas has experienced a data breach that affected approximately 5.7 to 6 million customers. The breach is suspected to be linked to the hacking collective known as Scattered Spider, a group notorious for using sophisticated social engineering methods to gain unauthorized access to systems.
On Monday, the breach was detected on a third-party platform used by one of Qantas' call centres. Scattered Spider, which has been targeting retail companies in the U.K. and the U.S. since May, shifted its focus towards the insurance sector in late June and, more recently, the aviation industry.
The hackers accessed a significant amount of customer data, including names, addresses, phone numbers, dates of birth, and frequent-flyer numbers. However, credit card details, personal financial information, and passport information were not compromised.
Qantas' systems are now secure, and the airline is operating normally. The airline is working with government authorities and independent forensic experts to investigate the breach and contain any potential further damage.
Charles Carmakal, chief technology officer at Mandiant, cautioned that it's too early to tell if Scattered Spider has expanded its current targeting to Australian airline organizations.
Scattered Spider is known for its social-engineering tactics, including voice phishing and other techniques designed to trick call-center workers into handing over credentials or otherwise bypassing multifactor authentication.
Other hacking groups, such as UNC6040, are also using similar social-engineering tactics. Early last month, Google Threat Intelligence Group said that UNC6040 has been using voice phishing techniques to compromise Salesforce accounts, steal data, and engage in extortion attacks.
Hawaiian Airlines confirmed that it was the target of a cyberattack, although it did not attribute the breach to any specific group. American Airlines experienced an unspecified IT outage last week, although it remains unclear if a hack was to blame.
In a statement, Qantas confirmed that it has made contact with a suspected hacker, and the Australian Federal Police is investigating further. Qantas has also made additional comments regarding the ongoing investigation but did not provide further details.
The FBI recently issued a warning about Scattered Spider's increased targeting of the airline sector, further supporting the potential connection to the Qantas breach. As the investigation continues, Qantas customers are encouraged to monitor their accounts for any suspicious activity and to remain vigilant against potential phishing attempts.
- Scattered Spider's targeting of the aviation industry, as seen with the data breach at Qantas, highlights a growing privacy threat in the airline sector.
- The sophistication of Scattered Spider's methods, such as voice phishing and social engineering, underscores the importance of robust cybersecurity measures.
- Following the breach, it's crucial for Qantas customers to stay aware of potential phishing attempts, given the group's history of extortion attacks and data theft.
- As the investigation into the Qantas data breach continues, it's evident that threat intelligence plays a vital role in protecting businesses, particularly in the technology-driven travel industry.