Australian airline Qantas has confirmed a cybersecurity breach that impacts the personal data of six million customers.
On Monday, Qantas detected a cyberattack in one of its contact centers. Customer names, email addresses, phone numbers, birth dates, and frequent flyer numbers are among the data accessed. But credit card details, personal financial information, and passport details were not exposed since they’re not held in the system, according to the press release.
The hackers might be part of a group called “Scattered Spider,” reported Bleeping Computer. Qantas has not revealed the source of the cyberattack, but the group has recently been targeting aviation and transportation industries. WestJet and Hawaiian Airlines both recently experienced data hacks.
The source of the breaches has not been officially disclosed. But cybersecurity firms recently put out notices that Scattered Spider, also known as Muddled Libra, have added airlines to their target list, switching focus from insurance and retail companies.
Mashable has contacted Qantas about the breach and will update this story if the airline responds.
After learning of the breach, Qantas notified the Australian Cyber Security Center, the Office of the Australian Information Commissioner, as well as the Australian Federal Police, “given the criminal nature of this incident,” said the disclosure.
Qantas has established a customer support hotline and a dedicated page on its website with updates and key information. Customers can call the hotline for “specialist identity protection advice and resources,” from its team: 1800 971 541 or +61 2 8028 0534. And here’s your official warning to check for any suspicious activity if you’ve ever flown on Qantas.
