CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Cybercrime

Qantas Hit with Extortion Demand After Data Breach

The Australian airline says a cybercriminal attempted to extort it after customer data was stolen from a contact center. The post Qantas Hit with Extortion Demand After Data Breach appeared first on SecurityWeek.

Qantas Data breach

Australian airline Qantas on Monday confirmed that it has received an extortion attempt following the June 30 cyberattack and data breach at one of its call centers.

Last week, the country’s flag carrier announced that hackers accessed a third-party platform used by the contact center and exfiltrated data from it.

The platform contained service records for 6 million customers, including personal information such as names, email addresses, phone numbers, dates of birth, and frequent flyer numbers.

The compromised platform was immediately secured and no Qantas systems were affected by the attack. The airline’s operations were not impacted.

In a July 7 update, the company said it has seen no further threat activity on the compromised system, that Qantas Frequent Flyer accounts were not affected, and that no credit card information, passport details, or financial data was compromised.

Additionally, the airline revealed that the threat actor behind the attack has contacted it, and that it is currently working on validating the hacker’s claims.

“As this is a criminal matter, we have engaged the Australian Federal Police and won’t be commenting any further on the details of the contact,” Qantas said.

The company also noted that it has no evidence that any of the stolen data has been released publicly, adding that it continues to monitor the web for potential leaks.

“We are continuing to investigate the proportion of data that has been stolen,” it said.

The airline says it sent an initial email notice to all Qantas Frequent Flyer members, and an additional message to all customers aged 15 and above, to notify them of the data breach. This week, an update will be sent to the impacted customers with information on the compromised personal information.

The company also warned of threat actors impersonating Qantas to trick customers into revealing their passwords, booking reference details, and other sensitive information over email, text, and phone calls.

“We are aware of reports of scammers impersonating Qantas. This is unfortunately common after incidents like this. We recommend customers remain alert for unusual communications claiming to be from Qantas or requesting personal information or passwords,” the company noted.

Related: Kelly Benefits Data Breach Impacts 550,000 People

Related: Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers

Related: Ahold Delhaize Data Breach Impacts 2.2 Million People

Related: North Korean Fake IT Workers Extort Employers After Stealing Data

Latest News

CYBERNEWSMEDIAPublisher