Qantas has confirmed a customer data breach following attacks linked to the notorious Scattered Spider cybercrime group. The airline stated that the breach was not a direct attack on its primary systems but rather stemmed from unauthorized access to a third-party service provider used by the company.
While the full extent and specific details are still being assessed, the incident appears to have exposed limited customer information. Qantas has emphasized that core operational systems, including flight data, booking systems, and payment information, were not compromised in this particular incident.
The Scattered Spider group, also known by various other names like UNC3944 and Oktapus, is known for its tactics involving social engineering and targeting IT and business process outsourcing companies to gain access to client networks. Their focus is often on data theft and extortion.
In response to the breach, Qantas immediately launched an investigation, engaging with cybersecurity experts to understand the scope and impact. They have also notified relevant authorities and are working to inform affected customers as quickly as possible. The airline is taking steps to strengthen security measures with the third-party provider and review its own protocols to mitigate future risks associated with supply chain vulnerabilities. This incident underscores the critical importance of securing not just internal systems but also the entire digital ecosystem, including vendors and partners. Customers are advised to remain vigilant against potential phishing attempts or other fraudulent activities that may leverage exposed information.
Source: https://securityaffairs.com/179557/cyber-crime/qantas-confirms-customer-data-breach-amid-scattered-spider-attacks.html
