Ethical Hacking News
Australian airline Qantas has revealed that it was hit by a massive data breach earlier this year, resulting in the theft of sensitive personal information from approximately 5.7 million customers. The breach is believed to have occurred on a "third party platform" used by Qantas' contact center systems, and the attackers accessed various forms of customer data including names, email addresses, physical addresses, dates of birth, phone numbers, genders, and meal preferences.
Australian airline Qantas was the victim of a massive data breach earlier this year.The breach resulted in the theft of sensitive personal information from approximately 5.7 million customers.The stolen information included names, email addresses, physical addresses, dates of birth, phone numbers, genders, and meal preferences.The breach is believed to have been carried out by a group known as Scattered Spider, linked to various high-profile cybercrimes.Qantas has taken immediate action to contain the system and ensure its IT systems remain secure.Customers will be notified directly of how their data was impacted, while frequent flyer members can view affected data types via their account page.The breach highlights the need for organizations to take proactive measures to protect sensitive information from cyber threats.
In a shocking revelation, Australian airline Qantas has announced that it was the victim of a massive data breach earlier this year. The breach, which is believed to have occurred on a "third party platform" used by Qantas' contact center systems, resulted in the theft of sensitive personal information from approximately 5.7 million customers.
According to Qantas, the attackers accessed the personal information and frequent flyer numbers of the majority of its customers, including names, email addresses, physical addresses (residential and business), dates of birth, phone numbers, genders, and meal preferences. The airline has stated that it is not aware of any crooks releasing customer data on the dark web, but is actively monitoring to see if that changes.
The breach is believed to have occurred in a series of attacks by a group known as Scattered Spider, which has been linked to various high-profile cybercrimes in recent weeks. The group's apparent change in tactics has prompted experts to issue warnings about the evolving nature of cyber threats.
In response to the breach, Qantas has taken immediate action to contain the system and ensure that its IT systems remain secure. The airline has increased resourcing in its contact centers and has established a dedicated support line to support affected customers.
Customers aged 15 and above will be notified directly of exactly how their data was impacted by the attack, while those signed up to Qantas' frequent flyer program will also be able to view their affected data types via their account page as part of a new feature to be launched later this week.
Qantas has warned its customers to be extra vigilant against scams, phishing attempts, and other forms of cybercrime. The airline has assured those due to travel on its flights that they do not need to take any additional precautions, but recommends that affected individuals exercise caution when dealing with sensitive information.
The breach is the latest in a series of high-profile cyber attacks targeting major organizations in recent weeks. Other airlines such as Hawaiian and WestJet have also been targeted by Scattered Spider's apparent change in tactics. The group's modus operandi appears to involve using scattered domains, which can be used to target individuals and organizations across various industries.
The impact of the breach on Qantas' customers is still being assessed, but the airline has assured that it is taking steps to mitigate any potential damage. The airline's IT systems are safe to use, according to its FAQ page, and additional security measures have been put in place to further restrict access and strengthen system monitoring and detection.
In a related development, experts have confirmed that Cl0p cybercrime gang's data exfiltration tool is vulnerable to RCE attacks. The move has raised concerns about the MOVEit menace being exploited by other groups.
The incident highlights the need for organizations to take proactive measures to protect their sensitive information from cyber threats. As the threat landscape continues to evolve, it is essential that individuals and organizations remain vigilant and take steps to safeguard their personal data.
In conclusion, the breach of Qantas' customer database has highlighted the risks associated with modern-day cybercrime. The airline's response to the breach demonstrates its commitment to protecting its customers' sensitive information, but there is still much work to be done to ensure that individuals are adequately protected from these types of threats.
Related Information:
https://www.ethicalhackingnews.com/articles/Australian-Airlines-Hit-by-Massive-Data-Breach-Qantas-Reveals-Scope-of-Attack-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/07/09/qantas_begins_telling_customers_data/
Published: Wed Jul 9 06:54:20 2025 by llama3.2 3B Q4_K_M
