Let us know about free updates
Qantas is investigating whether a hacking group targeting UK retailer Mark and Spencer this year was behind a cyber attack that violated a database containing the personal information of six million customers of Australian airlines.
The company said the hackers targeted one of the call centers on Monday and gained access to a third-party customer service platform. Qantas said it is likely that “substantial” personal data was extracted from a database that includes customer names, email addresses, phone numbers, date of birth and frequent flyer details.
The database did not contain financial information such as credit card numbers stored on different servers, Qantas said.
The attack comes days after the FBI warned that there were signs that “scattered spider” cybercriminal groups have begun targeting the global airline sector.
“They target large companies and their third-party IT providers, meaning that anyone in the airline’s ecosystem, including trusted vendors and contractors, can be at risk,” the FBI said in a warning last week. They warned that after confidential information was stolen, many times, there were fearful attempts made.
The warning follows recent cyberattacks on Hawaiian Airlines and Canada’s WestJet.
Scattered spiders have been reported to be behind many well-known data breaches, including those from M&S and MGM casinos. It has gained a reputation for effective diving technology, including pretending to be a corporate worker and tricking IT departments into providing access to the system.
Recommended
Qantas, Australia’s largest airline, said it moved quickly to secure its system. Warn the Australian Federal Police and other government agencies and contact affected customers.
CEO Vanessa Hudson said: “We sincerely apologize to our customers and recognize the uncertainty this causes. Our customers trust us with our personal information and take our responsibility seriously.”
Qantas shares fell 3.6% after revealing the hack on Wednesday.
The airline is the latest Australian company affected by telecommunications companies Optus, Healthcare Provider Medibank Private, many Australian pension funds, and telecommunications companies Optus, Healthcare Provider Medibank Private, which has been hit by port operator DP World for the past three years.
