Qantas Airways, which exposed the personal information of approximately 6 million customers, underscores the escalating vulnerabilities within the aviation sector. The breach involved unauthorized access to a third-party customer service platform, leading to the theft of sensitive data such as names, email addresses, phone numbers, birth dates, and frequent flyer numbers . Although no financial information was compromised, the incident highlights significant cybersecurity risks that airlines face in an increasingly digital landscape.
Qantas contact center, the airline said in a statement on Wednesday. Six million customers have service records on the platform – with data including some of their names, email addresses, phone numbers, birth dates and frequent flyer numbers.
However, the platform does not contain any customer credit card details, financial information or passport details, Qantas said.
After Qantas detected “unusual activity” on the platform, it took action and “contained” the system, it said. The statement said all Qantas systems are now secure, and there is no impact to the company’s operations or safety.
Qantas says no credit card or personal financial information was exposed, and frequent flyer account passwords, PINs, and login details were not impacted.
After detecting the breach, Qantas says it notified the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and the Australian Federal Police. It's unclear if external cybersecurity experts are assisting with the investigation. In the case of Qantas, the hack was a “vishing” — or voice phishing — attack where a call centre worker was tricked into allowing a third-party into the system. Qantas said it had moved quickly to secure its systems and would contact affected customers. The breach is a blow to efforts by chief executive Vanessa Hudson to turn around the airline after a post-pandemic hit to its reputation. Customers complained about a collapse in airline punctuality, and a consumer regulator fined Qantas for selling tickets on flights it had already cancelled.
This breach is particularly alarming given its context; it follows other notable incidents involving major Australian companies such as Optus and Medibank in 2022 . Qantas's proactive measures—detecting unusual activity and notifying authorities—are commendable yet reflect a reactive approach to an ongoing threat. As cybersecurity firms warn of heightened targeting by groups like "Scattered Spider," it becomes imperative for airlines to strengthen their defenses against potential cybercriminal activities .
Read more
Scooter Braun Resigns as HYBE America CEO Scientists Use MRI to Decode Brain’s Internal Clock, Predict Dementia EarlySara H
Also on site :