Australian airline Qantas has confirmed that 5.7 million people have recently been affected by a data violation, in which danger actors have stolen customers’ data.
On 1 July, Qantas revealed that it had detected a cyberlack on the previous day, which was on the third party platform used by the Qantas Airline Contact Center.
While the company had not shared any other details, BlappingCopper learned that the attack shared similarities with other attacks on the aviation industry, associated with actors with threats classified as scattered spider.
On Monday, Qantas warned that the danger actors contacted him, it is likely to start taking out the company to prevent the release of the theft figures.
One in Today new updateQantas confirmed that the danger actors have stolen data for about 5.7 million customers, in which different types of data have been exposed in breech:
- 4 million customers are limited to record names, email addresses and Qantas constant flying details. Its:
- The 1.2 million customer records had name and email address.
- 2.8 million customer records included name, email address and Qantas continuously flying numbers. Most of these also included tier. One of these small multisits included the points balance and status credit.
- Of the remaining 1.7 million customers, their records included a combination of some data fields above and one or more of the following:
- Address – 1.3 million. It is a combination of residential addresses and commercial addresses including hotels for wrong goods distribution.
- Date of birth – 1.1 million
- Phone number (mobile, landline and/or business) – 900,000
- Sex – 400,000. It is different for other gender identifiers such as name and salute.
- Food priorities – 10,000
Qantas warned that these calculations are based on unique email addresses, and customers may have several accounts with separate emails.
The airline also keeps emphasizing that any Qantas in the attack repeatedly Flire account, password, password, pin and login details, financial information, or passport details were not stolen.
Qantas says they are now contacting customers whose data was stolen and has implemented additional security measures to protect the customers’ data.
Vanessa Hudson, Chief Executive Officer of the Kantas Group said, “Our full attention has been to understand what data has been compromised for each of the 5.7 million affected customers and to share it with them as soon as possible.”
“From today we are reaching customers to inform the specific individual data fields that were held in the compromise system and recommend how they can use the necessary support services.”
“Since the incident, we have kept several additional cyber security measures to pursue our customers’ data, and what happened continues to review.”
Qantas recommend that customers are looking for email claiming to be from Qantas, which can be efforts to steal further information.
The attack on Qantas follows other recent attacks on the aviation industry, including Hawaiian Airlines and Westjet.
Social engineering attacks are being used to dissolve corporate networks and systems to actors with danger classified as scattered spider, efforts are being made to steal data and extract companies in raising ransom to companies.
In some attacks such as M&S and Co-Oop, danger actors attempted to deploy dragonforce ransomware to encrypt the device.
While cloud attacks can be more sophisticated, the attackers still succeed with surprisingly simple techniques.
Drawing by the detection of Vij in thousands of organizations, this report reveals the 8 major techniques used by Claude-Floid danger actors.
