Australian airline Qantas disclosed a significant cyber breach stemming from a targeted attack on a third-party call-center system in Manila. The attack began on July 2, giving cybercriminals access to names, email addresses, phone numbers, birthdates, and frequent flyer details affecting around 5.7 million customers. Fortunately, no financial or passport information was compromised.
Tactics & Attribution
The breach is believed to be orchestrated by the Scattered Spider hacking group, known for “vishing” attacks and help-desk impersonation. A suspected ransom demand was reportedly made, though this has not been confirmed by Qantas.
Aftermath & Response
Qantas initiated phased notifications and tightened its security protocols. The airline confirmed cooperation with the Australian Federal Police, FBI, and other agencies. CEO Vanessa Hudson emphasized that no travel credentials were compromised and recommended vigilance against phishing attempts.
This breach marks one of Australia’s most significant recent cyberattacks and highlights persistent vulnerabilities in third-party vendor systems.