Australian airline Qantas has just confirmed the personal information of about 6 million leaked customers.
In the announcement, Qantas said the attack targeted a switchboard and platform operated by a third party, where data such as name, email address, phone number, date of birth and number of members of the regular customer program was stored.
Qantas did not disclose the identities of the group of attackers as well as the location of the breached switchboard or the nationality of the customers involved. However, the company confirmed that the attackers had not been able to access customers' accounts, passwords or PIN codes. The incident was discovered after Qantas recorded unusual activity in the system, and immediately took preventive measures.
We are continuing to investigate the extent of the stolen data, even though the impact is predicted to be significant, Qantas said, adding that flight operations and safety were not affected by the incident.
The incident comes as airlines around the world face an increasingly large threat from cybercrime. Last week, the US Federal Bureau of Investigation ( FBI) warned that the Scattered Spider group was targeting aviation systems. Hawaiian Airlines (USA) and WestJet ( Canada) have also reported recent attacks.
After the news of Qantas being attacked, the company's stock price fell 3.3% in the middle of the trading session, while the market in general remained stable. This is considered the biggest cyber attack in Australia in many years and a heavy blow to Qantas's efforts to restore its image after a series of scandals.
The company has previously been criticized for illegally laying off thousands of ground staff during the 2020 border closure period, while still receiving financial support from the government. The airline also admitted to having sold thousands of tickets for canceled flights, causing serious loss of trust in customers.
