Skip to main content

Australian airline Qantas says millions of customers’ data leaked online

Australian airline Qantas said on Sunday that data from 5.7 million customers stolen in a major cyberattack this year had been shared online, part of a leak affecting dozens of firms.

Disney, Google, Ikea, Toyota, McDonald’s, and fellow airlines Air France and KLM are also reported to have had data stolen in a cyberattack targeting software firm Salesforce, with the information now being held to ransom. Salesforce said this month it was “aware of recent extortion attempts by threat actors”.

Qantas confirmed in July that hackers had targeted one of its customer contact centres, breaching a computer system used by a third party now known to have been Salesforce.

They secured access to sensitive information such as customer names, email addresses, phone numbers and birthdays, the blue-chip Australian company said.

No further breaches have taken place since, and the company is cooperating with Australian security services.

“Qantas is one of a number of companies globally that has had data released by cyber criminals following the airline’s cyber incident in early July, where customer data was stolen via a third-party platform,” the company said in a statement.

Most of the data leaked was names, email addresses and frequent flyer details, the firm said.

But some of the data included customers’ “business or home address, date of birth, phone number, gender and meal preferences”.

“No credit card details, personal financial information or passport details were impacted,” Qantas said.

It also said it had obtained a legal injunction with the Supreme Court of New South Wales, where the firm is headquartered, to prevent the stolen data from being “accessed, viewed, released, used, transmitted or published”.

Cybersecurity expert Troy Hunt told AFP that it would do little to prevent the spread of the data.

“It’s frankly ridiculous,” he said.

“It obviously doesn’t stop criminals at all anywhere, and it also really doesn’t have any effect on people outside of Australia.”

Hackers ‘laying siege’

In response to questions about the leak, tech giant Google pointed AFP to an August statement in which it said one of its corporate Salesforce servers had been targeted. It did not confirm if the data had been leaked.

“Google responded to the activity, performed an impact analysis and has completed email notifications to the potentially affected businesses,” Melanie Lombardi, head of Google Cloud Security Communications, said.

Cybersecurity analysts have linked the hack to individuals with ties to an alliance of cybercriminals called Scattered Lapsus$ Hunters.

Research group Unit 42 said in a note that the group had “asserted responsibility for laying siege to customer Salesforce tenants as part of a coordinated effort to steal data and hold it for ransom”.

The hackers had reportedly set an October 10 deadline for ransom payment.

‘Oldest tricks in the book’

The hackers stole the sensitive data using a social engineering technique, referring to a tactic of manipulating victims by pretending to be a company representative or other trusted person, experts said.

The FBI last month issued a warning about such attacks targeting Salesforce. The agency said hackers posing as IT workers had tricked customer support employees into granting them access to sensitive data.

“They have been very effective,” expert Hunt said.

“And it hasn’t been using any sophisticated technical exploits… they have exploited really the oldest tricks in the books.” The hack of data from Australia’s biggest airline comes as a string of major cyberattacks in the country has raised concerns about the protection of personal data.

Qantas apologised last year after a glitch with its mobile app exposed some passengers’ names and travel details.

And major ports handling 40 per cent of Australia’s freight trade ground to a halt in 2023 after hackers infiltrated computers belonging to operator DP World.



from Dawn - Home https://ift.tt/WzIScEs
Labels:

Comments

Post a Comment

Popular posts from this blog

Ministers rubbish notion that proposed retirement age extension to favour ‘one particular institution’

Information Minister Attaullah Tarar on Tuesday rubbished the notion that a proposed extension in the retirement age was to favour “one particular institution”, adding that the move would be implemented across the board if approved. The rebuttal comes in the wake of media reports claiming that the government was mulling changes to the Constitution to fix the tenure of the chief justice . Currently, judges of the Supreme Court, including the chief justice, retire after attaining the age of superannuation, i.e. 65 years, as stipulated in Article 179 of the Constitution. While giving his opinion recently on the reports of the constitutional amendment, Law Minister Azam Nazeer Tarar had said he “will not vehemently turn down the proposals related to the tenure of the chief justice”. Addressing the issue during a press conference in Islamabad today along since Finance Minister Muhammad Aurangzeb and the law minister, Attaullah said the extension in the retirement age was “a proposal to a...
Post a Comment
Read more

The Republican primary race for president in 2024

The Republican primary race for president in 2024 is already shaping up to be a competitive one. There are a number of high-profile candidates who have already announced their intention to run, and more are expected to join the field in the coming months. The frontrunner for the nomination is former President Donald Trump. Trump has been teasing a 2024 run for months, and he has a large and loyal following among Republican voters. However, he is also a polarizing figure, and his candidacy could alienate some moderate Republicans. Another potential contender for the nomination is Florida Governor Ron DeSantis. DeSantis has been praised by many conservatives for his handling of the COVID-19 pandemic and his opposition to vaccine mandates. He is also seen as a rising star in the Republican Party. Other potential candidates include former Vice President Mike Pence, former Ambassador Nikki Haley, and Senator Tim Scott. Pence is a more traditional Republican who could appeal to moderate vote...
1 comment
Read more

In pictures: Grief in Gaza and the loss of a child

In the photo, the woman cradles a child in her arms, balanced on her knee. It is an image that resonates, as ancient as human history. But in a grim inversion of the familiar, we see that the child she holds close is a corpse, wrapped in a shroud. It is a quiet moment of intense grief. The woman wears a headscarf and her head is bowed. We cannot see who she is nor can we learn anything about the child — not even if it is a boy or girl. Palestinian woman Inas Abu Maamar, 36, embraces the body of her 5-year-old niece Saly, who was killed in an Israeli strike, at Nasser hospital in Khan Younis in the southern Gaza Strip, October 17, 2023. The child is one of many who have lost their lives on both sides in the Israel-Hamas war. Most have names we will never know, whose deaths will spark a lifetime of grief for family members we will never meet. In the 21st century, an average of almost 20 children a day have been killed or maimed in wars around the world, according to Unicef. Reuter...
Post a Comment
Read more