A cyber security incident at Qantas originated from a compromised third-party contact centre and is tentatively linked to cyber attacks by the Scattered Spider hacking collective. Mandiant analysts are investigating multiple cyber attacks against the aviation sector, which follows previous targeting of UK and US retailers and insurance companies. The Qantas breach allowed criminals to access a customer service platform and exfiltrate data on approximately six million people, including names, email addresses, and other personal information, but no financial data was breached. Attribution to Scattered Spider remains uncertain.
Scattered Spider is known to favour a sector-by-sector approach to its targeting, focusing on one vertical at a time before moving on.
The Qantas breach, which was first detected on Monday 30 June, saw the cyber criminals gain access to a customer service platform at the victimised contact centre, from where they were able to exfiltrate data on approximately six million people.
According to the Aussie flag-carrier, the data include names, email addresses, phone numbers, birth dates and frequent flyer numbers, but not credit card details, financial information or passport details.
While Scattered Spider has a history of targeting global organisations including those in Australia, it's too early to tell if they've expanded their current targeting to Australian airlines.
Collection
[
|
...
]