Sensitive Employee Data Stolen in Major Qantas Cyber Incident, Leading to Extortion Demand. The national carrier has become the latest victim in a sprawling data breach that initially targeted third-party service providers. Personal and sensitive information belonging to past and present Qantas employees was compromised, leaving individuals vulnerable.
The stolen data includes potentially critical details such as names, addresses, employment records, and potentially other identification information. This information was reportedly accessed through a breach affecting a third-party company handling services for Qantas, highlighting the significant cybersecurity risks associated with vendor relationships.
Following the data theft, the perpetrators have reportedly attempted to extort Qantas, demanding payment to prevent the release of the sensitive employee records. This tactic is increasingly common after ransomware attacks or data breaches, where attackers seek to monetize compromised information.
Qantas has confirmed the incident and stated they are working closely with the Australian Cyber Security Centre and the Australian Federal Police. They are in the process of notifying affected employees and providing support. The incident underscores the critical need for robust data protection measures, not just within major corporations but also across their entire supply chain. Businesses must prioritize cyber resilience and understand the far-reaching consequences when employee data is exposed. This event serves as a stark reminder of the evolving threat landscape and the persistent danger of data breaches and subsequent extortion attempts. Protecting personal data is paramount.
Source: https://www.bleepingcomputer.com/news/security/qantas-is-being-extorted-in-recent-data-theft-cyberattack/
