Australian airline Qantas has revealed it has been contacted by a “potential cybercriminal” in relation to a massive breach of customer data.
Qantas is currently working to validate the authenticity of the purported cybercriminal. No details have been provided on the exact nature of the contact, such as whether a ransom payment has been demanded.
“As this is a criminal matter, we have engaged the Australian Federal Police and won’t be commenting any further on the details of the contact,” the firm wrote in an incident update on July 7.
“There is no evidence that any personal data stolen from Qantas has been released, but with the support of specialist cyber security experts, we continue to actively monitor,” Qantas added.
The airline confirmed that no further threat activity has been detected on the system after containing the incident on June 30.
“We can confirm all Qantas systems remain secure,” the airline stated.
Confirmed Breach of Customers’ Personal Data
On July 2, the airline disclosed that it had suffered a cyber incident which may have led to the compromise of a “significant” volume of personal information belonging to customers.
Although it didn’t specify how many customers may be affected, reports suggest the figure could be as high as six million.
Read more: The Rising Cyber Threats Impacting Major Airlines
The attackers targeted a call centre and gained access to a third-party customer servicing platform to compromise the data.
In the latest update, Qantas said it will be in a position to update customers on the types of their personal data that was contained in the compromised system later this week (w/c July 7).
This will confirm specific data fields for each individual, which will vary from customer to customer.
An initial review has confirmed that personal contact and flight details have been stolen for some customers. These are:
- Names
- Email addresses
- Phone numbers
- Dates of birth
- Frequent Flyer numbers
No credit card details, personal financial information or passport details were held in the affected system. While some Frequent Flyer numbers were accessed, no Frequent Flyer accounts were compromised, nor have passwords, PINs or log in details been accessed.
All Frequent Flyer members received an initial email communication from Qantas on Wednesday 2 July, to advise them of the occurrence of an incident.
Additionally, all impacted customers aged 15 and above for whom Qantas hold an email address for were notified in a second email on Thursday, July 3.
Customers have been urged to be alert for unusual communications claiming to be from Qantas or requesting personal information or passwords.
“Qantas will never contact customers requesting passwords, booking reference details or sensitive login information,” the company wrote.
Image credit: AirDanMe / Shutterstock.com
No tags.
