Qantas Airways Targeted in Major Data Breach Exposing the Details of 6 Million Customers

• Qantas Airways was affected by a security incident that exposed the personal information of six million customers.
• The cyber incident involved a breach of a third-party customer service platform.
• The leaked sensitive details include names, email addresses, phone numbers, and birth dates.

Australia's flagship carrier, Qantas Airways, recently disclosed a significant cyber incident involving a breach of a third-party customer service platform. The cyberattack targeted a call center platform used by Qantas.

The security breach compromised the personal data of approximately six million customers. Exposed information includes names, email addresses, phone numbers, birth dates, and frequent flyer membership numbers.  

Yet, PINs, passwords, and login credentials were reportedly not affected, Reuters mentions in a recent report.  

Qantas said it identified unusual activity on the platform and acted swiftly to contain the incident. The airline has since involved multiple agencies, including the Australian Cyber Security Centre and the Federal Police, to investigate the attack and assess the scale of the breach.  

The breach comes amid heightened concerns about cybersecurity threats in the aviation sector. Recently, the FBI issued a warning regarding cybercriminal groups targeting airlines, emphasizing the tactics used by entities like the Scattered Spider group. 

Known for leveraging social engineering techniques to impersonate IT staff, the threat actor has reportedly prompted breaches in other airlines, such as Hawaiian Airlines and Canada’s WestJet. 

Andy Bennett, Chief Information Security Officer at Apollo Information Systems, noted the group's move into aviation may reflect a natural evolution of their targeting. He further noted that transportation providers maintain extensive data on travelers for compliance, which could be valuable for refining social engineering attacks.

“Scattered Spider could use the type of data held by airlines to build very complete profiles of millions of individuals, including details on their families and relationships, if any travel or booking histories were included in the stolen information,” he said.

“Security fundamentals such as authenticator or token-based multifactor authentication (MFA), and not reusing passwords between systems, can go a long way,” Bennett added.

However, Charles Carmakal, Chief Technology Officer at cybersecurity firm Mandiant, urged caution, noting that while Scattered Spider has a known history of targeting airlines, it is too soon to attribute this breach directly to the group.

“We’re still in the early stages of analysis, and attribution requires clear technical indicators,” he said.

This event marks one of the most severe data breaches to strike the airline in years, raising fresh concerns about cybersecurity within the aviation industry.