Cyber Criminals Release Qantas Customer Data Months After Breach

Australia’s Qantas Airways recently confirmed that cybercriminals have released customer data stolen during a significant cyber breach in July. This breach compromised the personal information of numerous customers, marking one of the largest cyber incidents in Australia in recent years.

Details of the Cyber Breach

In July, Qantas disclosed that over one million customers had sensitive information accessed. This information included:

• Phone numbers
• Birth dates
• Home addresses

Additionally, another four million customers had only their names and email addresses extracted during the incident. Qantas’ breach is considered one of the most high-profile cyberattacks since incidents affecting telecommunications giant Optus and health insurer Medibank in 2022. These events led to the introduction of mandatory cyber resilience laws in Australia.

Recent Developments

On October 12, Qantas reported that it was among several companies worldwide affected by the release of this compromised data. The airline stated that the data was stolen through a third-party platform, highlighting vulnerabilities in external systems.

Qantas is currently working with cybersecurity experts to determine the specifics of the released data. The airline emphasized that it has implemented stringent measures to prevent unauthorized access to the stolen information.

Involvement of Cyber Criminals

The hacker group Scattered Lapsus$ Hunters has been linked to the release of Qantas’ customer data. This incident occurred after a ransom deadline set by the group had passed. While Qantas has not confirmed specifics regarding the ransom, they continue to investigate the situation carefully.

As authorities and Qantas navigate this breach, the focus remains on enhancing cybersecurity measures to protect customers in the future.