Australian airline Qantas has confirmed that 5.7 million people have been impacted by a recent data breach, in which threat actors stole customers' data.
On July 1st, Qantas disclosed that it had detected a cyberattack the previous day on a third-party platform used by a Qantas airline contact centre.
While the company did not share any further details, BleepingComputer learned that the attack shared similarities with other attacks on the aviation industry linked to threat actors classified as Scattered Spider.
On Monday, Qantas warned that the threat actors had contacted them, likely to begin extorting the company to prevent the release of the stolen data.
In a new update today, Qantas has confirmed that the threat actors stole data for approximately 5.7 million customers, with varying types of data exposed in the breach:
4 million customer records are limited to name, email address and Qantas Frequent Flyer details. Of this: 1.2 million customer records contained name and email address. 2.8 million customer records contained name, email address and Qantas Frequent Flyer number. The majority of these also had tier included. A smaller subset of these had points balance and status credits included.
Of the remaining 1.7 million customers, their records included a combination of some of the data fields above and one or more of the following: Address – 1.3 million. This is a combination of residential addresses and business addresses including hotels for misplaced baggage delivery. Date of birth – 1.1 million Phone number (mobile, landline and/or business) – 900,000 Gender – 400,000. This is separate to other gender identifiers like name and salutation. Meal preferences – 10,000
Qantas warns that these counts are based on unique email addresses, and customers may have multiple accounts with different emails.
The airline also continues to stress that no Qantas Frequent Flyer accounts, passwords, PINs and login details, financial information, or passport details were stolen in the attack.
... continue reading