A major cyber attack that exposed the data of millions of Qantas customers has raised serious concerns about the security of third-party systems amid concerns the airline was targeted by international hackers.
Australia’s largest carrier on Wednesday revealed details of the cyber incident involving one of its offshore call centres.
About six million customers were impacted, with some names, dates of births, email addresses, phone numbers and frequent flyer numbers exposed.
To date, no credit card details, financial data, passport numbers or frequent flyer account information had been compromised, Qantas said.
But experts warn there might be more details to come about the level of exposure of customers.
“It’s an unknown because it is an unfolding situation,” RMIT’s Centre for Cyber Security Research director Matthew Warren told AAP.
“We’re going to be informed sooner rather than later about the impact of this.”
Qantas first caught wind of the attack when it detected unusual activity on a third-party platform used by a call centre on Monday.
“There is no impact to Qantas’ operations or the safety of the airline,” the company said in a statement.
“We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant.”
The hackers responsible for the attack have not been identified, but Professor Warren speculated it might be the work of a Russian gang looking to sell the data on the dark web.
But other cyber experts think the attack was launched by Scattered Spider, believed to be a group of young hackers living in the US and the UK.
America’s FBI warned the group had been targeting the airline sector by impersonating legitimate users to bypass multi-factor authentication and access systems.
It followed North America’s Hawaiian Airlines and WestJet being hit by similar attacks.
Scattered Spider most recently launched a ransomware attack on the UK’s retailer Marks & Spencer to knock out its contactless payment centre and online ordering.
Meanwhile, experts say the attack raises serious concerns about the security of third-party systems, given how many Australian companies outsource call centres overseas.
“Was there a security failure? Was there an insider risk?” Prof Warren said.
It is the latest major cyber attack affecting major Australian businesses in recent years.
Telco Optus was hit with a breach in which 10 million former and current customers’ names, dates of births, phone numbers, email addresses and for some, ID details, were leaked.
Health insurer Medibank also experienced a substantial breach when 9.7 million customers’ details were published on the dark web.
“This is the new normal, that we’re sitting in with these global issues,” Prof Warren said.
“Australia in this incident is the unfortunate victim of the attack.”
Qantas Group chief executive Vanessa Hudson said the company was working closely with the National Cyber Security Co-ordinator, the Australian Cyber Security Centre and independent specialised cyber security experts.
“We sincerely apologise to our customers and we recognise the uncertainty this will cause,” she said.
“Our customers trust us with their personal information and we take that responsibility seriously.
“We are contacting our customers today and our focus is on providing them with the necessary support.”
A dedicated customer support line had been established to provide customers with the latest information.
Frequent flyers were sent an email from Ms Hudson explaining that the attack exposed some customer data but reassuring them it was being taken seriously.
Customers have been urged to change their passwords and incorporate multi-factor authentication on accounts.
Qantas shares dropped about 3.6 per cent following the announcement, but they had recovered slightly to be about 2.4 per cent down by mid-afternoon.
Australian Associated Press is the beating heart of Australian news. AAP is Australia’s only independent national newswire and has been delivering accurate, reliable and fast news content to the media industry, government and corporate sector for 85 years. We keep Australia informed.
