Australian Airline Qantas confirmed on July 2 that it had suffered a cyberattack, exposing records of up to six million customers. It is currently trying to examine the scope of the impact.
The Cyberattack
Qantas has confirmed that one of its contact centres had suffered a cyberattack that has impacted its customer data on Monday. Some “unusual activity “ was detected at the Qantas Airline system, following which “immediate steps” were taken to contain the affected system. It also confirmed that it has now contained the attacked system and that all of its other systems are secure.
A cybercriminal had gained access to the service platform via a third-party customer servicing platform. The airline itself has not been affected, and operations are safe.
The breach exposed data of around six million customers whose records were stored on the platform. The airline has said that it is investigating the number of customers whose data has been stolen by the breach. However, it warned that it expects the exposure numbers to be “significant.”
Qantas said:
“An initial review has confirmed the data includes some customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers.”
However, it is to be noted that critical information in terms of customer data, such as details of credit cards, personal financial information, and passport details, was not stored in this breached system.
The airline further said:
“No frequent flyer accounts were compromised, nor have passwords, PINs or login details been accessed.”
Qantas’ Response
The airline has said that it is contacting the affected customers to inform them about the incident while providing an apology and knowledge regarding further steps to be taken.
It is currently investigating the incident further while putting more security measures in place to prevent similar attacks in the future.
The incident poses a question for aviation security amid growing cyber threats.
The Australian Cyber Security Centre and the Office of the Australian Information Commissioner have been notified of the breach. It has also informed the Australian Federal Police, as the incident is criminal in nature. It will support the concerned authorities in their investigation.
Qantas Group Chief Executive Officer Vanessa Hudson said:
“We sincerely apologise to our customers and we recognise the uncertainty this will cause. Our customers trust us with their personal information, and we take that responsibility seriously. We are contacting our customers today, and our focus is on providing them with the necessary support. We are working closely with the Federal Government’s National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts.”
The airline has also set up a customer support line and a dedicated page on its website for further support. It will keep updating customers through its website and social channels.
Have you ever been impacted by a cyberattack before? Do share your experience in the comments!
