Australian airline Qantas has disclosed a cybersecurity breach that may have compromised sensitive details belonging to 6 million customers.
On 30 June, suspicious activity was detected on a third-party customer service platform that uses a Qantas call center to store the data of nearly six million people, including names, email addresses, phone numbers, birth dates and frequent flyer numbers.
Though the full extent of the breach is being investigated, Qantas is expecting the proportion of data stolen to be “significant”.
“Initial reports on Qantas’ cyber breach show many hallmarks of the Scattered Spider ransomware group, which claimed responsibility for attacks against America’s Hawaiian Airlines and Canada’s WestJet last week, and the crippling attack against Marks & Spencer in the UK in April,” said Tony Jarvis, field chief information security officer and vice president APJ at Darktrace.
“Scattered Spider are thought to be native English speakers who don’t just exploit technical vulnerabilities but manipulate people, especially IT help desks, through phishing, multi-factor authentication bombing and SIM swapping to gain access.”
“The unfortunate thing is that this sort of third-party attack is not unique. It is just one more example of why cyber security is a fundamental business priority across the entire supply chain – especially when defending against highly targeted tactics that bypass traditional security measures,” Jarvis continued.
“How significant the impact will be to Qantas’ operations – across both digital and physical channels – and the damage to its brand and reputation remains to be seen.”