Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Qantas data breach. Show all posts
Scattered Lapsus$ Hunters
Data Breach Qantas dark web leak Qantas data breach Qantas ransomware attack Salesforce data breach Scattered Lapsus$ Hunters

5 Million Qantas Travellers’ Data Leaked on Dark Web After Global Ransomware Attack

 

Personal data of around five million Qantas passengers has surfaced on the dark web after the airline fell victim to a massive ransomware attack. The cybercriminal group, Scattered Lapsus$ Hunters, released the data publicly when their ransom demands went unmet.

The hackers uploaded the stolen files on Saturday, tagging them as “leaked” and warning, “Don’t be the next headline, should have paid the ransom.”

The compromised information reportedly includes email addresses, phone numbers, dates of birth, and frequent flyer membership details from Qantas’ customer records. However, the airline confirmed that no financial data, credit card details, or passport numbers were exposed in this breach.

The cyberattack is part of a larger global campaign that has impacted 44 organisations worldwide, with up to a billion customer records potentially compromised. The infiltration occurred through a Salesforce database breach in June, extending from April 2024 to September 2025.

Cyber intelligence expert Jeremy Kirk from Intel 471 said the attackers are a long-established criminal network with members operating across the US, UK, and Australia.
He noted: “This particular group is not a new threat; they've been around for some time.”
Kirk added: “They're very skilled in knowing how companies have connected different systems together.”

Major global brands such as Gap, Vietnam Airlines, Toyota, Disney, McDonald’s, Ikea, and Adidas were also affected by the same campaign.

While Qantas customers’ financial data was not exposed, experts have warned that the leaked personal details could be exploited for identity theft and phishing scams.
Kirk cautioned: “These days, a lot of threat groups are now generating personalised phishing emails.”
He continued: “They're getting better and better at this, and these types of breaches help fuel that underground fraudster economy.”

Qantas has since launched a 24/7 customer support line and provided specialist identity protection assistance to those affected.
A company representative stated, “We continue to offer a 24/7 support line and specialist identity protection advice to affected customers.”

In July, Qantas secured a permanent court order from the NSW Supreme Court to block any unauthorised access, sharing, or publication of the stolen data.

Salesforce, whose database was infiltrated, confirmed that it would not negotiate or pay ransom demands, stating: “We will not engage, negotiate with, or pay any extortion demand.” The company also clarified that its platform itself remained uncompromised and that it continues to work closely with affected clients.

A Qantas spokesperson added: “With the help of specialist cyber security experts, we are investigating what data was part of the release.”
They continued: “We have also put in place additional security measures, increased training across our teams, and strengthened system monitoring and detection since the incident occurred.”
Read more »
Qantas hack
airline cybersecurity Australian cyberattack customer data leak Data Breach data protection Australia Qantas data breach Qantas hack

Qantas Confirms Massive Cyberattack Exposing Data of Over 5.7 Million Customers

 

Australia’s Qantas Airways announced on Wednesday, July 9, 2025, that a large-scale cyberattack has compromised the personal data of millions of its customers, marking one of the nation’s most severe security breaches in recent memory.

According to the airline, over one million customers had highly sensitive details accessed, including phone numbers, dates of birth, and residential addresses. Additionally, the breach impacted another four million customers whose names and email addresses were taken during the intrusion.

Qantas initially reported the incident last week but has now provided further clarity on the scale of the compromise. After carefully removing duplicate records from the initial estimate of six million, the company determined that the database contained unique personal information belonging to approximately 5.7 million individuals.

Despite the scope of the attack, Qantas said there is currently no evidence suggesting that any of the stolen data has been published or misused. The company emphasized that it has been actively monitoring the situation to detect any suspicious activity or unauthorized attempts to disseminate the compromised information.

In response to the breach, the airline has significantly strengthened its cyber security protocols to protect customer data from further exposure. “Since the incident, we have put in place a number of additional cyber security measures to further protect our customers’ data, and are continuing to review what happened,” Qantas Group CEO Vanessa Hudson said in a statement.

The hack has renewed concerns about the resilience of Australia’s critical infrastructure and large corporate networks, coming just a few years after the country grappled with major cyberattacks on telecommunications provider Optus and health insurer Medibank in 2022. Those incidents prompted the government to implement mandatory cyber resilience laws and stricter reporting requirements for serious breaches.

Cybersecurity analysts have warned that companies holding large volumes of consumer data have become prime targets for sophisticated criminal networks and state-sponsored attackers. The Qantas breach underscores the persistent threats facing organizations across all sectors, particularly airlines and travel companies that process vast amounts of personal and financial information.

Qantas has urged customers to remain vigilant against potential phishing scams or suspicious communications that could emerge as a result of the incident. The airline said it is cooperating closely with cybercrime authorities and regulators to investigate the breach and mitigate any further risks.

The company also encouraged affected customers to update their passwords and enable multi-factor authentication wherever possible to enhance their account security.
Read more »
Subscribe to: Comments (Atom)