Cybercriminals have targeted another major Australian corporation—this time, the national flag carrier Qantas, putting the data of millions of people at risk.
On July 2, Qantas announced it had discovered the breach at one of its contact centres and taken action to contain the affected system.
According to the airline, a hacker targeted a call centre and successfully gained access to a third-party customer servicing platform used by Qantas.
It is estimated the platform holds the records of 6 million Qantas customers, including information such as names, email addresses, phone numbers, birth dates and frequent flyer numbers.
However, these records do not contain credit card details, personal financial information, or passport details.
In addition, the hacker did not gain access to customers’ frequent flyer accounts, nor did they compromise their passwords, PIN numbers, or login details.
Qantas said all of its systems remain secure after it isolated the breached system.
The airline is currently investigating the amount of data that has been stolen and expects it to be significant.
Following the incident, Qantas has implemented additional cybersecurity measures and enhanced system monitoring and detection.
The airline has also reached out to authorities, including the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and the Australian Federal Police for support.
CEO Apologises
Qantas CEO Vanessa Hudson has issued a formal apology over the incident.“We are contacting our customers today, and our focus is on providing them with the necessary support.
“We are working closely with the federal government’s National Cyber Security Coordinator, the Australian Cyber Security Centre, and independent specialised cyber security experts.”
Hang Up on Cold Calls: Home Affairs Minister
Home Affairs Minister Tony Burke said Australians needed to be careful.“Because emails and phone numbers have been compromised, if anyone gets a cold call from Qantas, hang up.
“If you’re going to talk to Qantas on the phone, use the published number and you make the call. If you get an email that is asking you to click through on a link in any way, don’t respond to it. The only way to deal with them digitally, is to work through the Qantas app,” he told ABC’s Afternoon Briefing.
He said authorities were still working through the type of information taken by the hackers.
“That particular database will hold what special meals people have and things like that, which can lead to other information.”
Qantas’ cyberattack comes just months after hackers targeted several major businesses and organisations in Australia.
While super funds’ cyber defence repelled most of the attack attempts, hackers successfully gained access to some accounts, resulting in financial losses for members.
In March, Nine News experienced a data breach, causing the information of thousands of newspaper subscribers to be exposed online.
