AUS
NZ
UK
CA
USA
IND
Highlights
- Data breach impacts up to six million Qantas customers
- Sensitive financial data reportedly remains protected
- Possible links to notorious cybercriminal group Scattered Spider
Qantas (ASX:QAN) has launched an investigation into a large-scale data breach that may have compromised the personal information of up to six million customers. The incident stems from a third-party platform used by its call centre operations in Manila. While core systems remain secure, the exposure of key customer data has raised significant concerns about supply chain vulnerabilities and cybersecurity standards. The breach has also caught the attention of investors monitoring ASX 200 Today, as Qantas’s performance could influence broader market sentiment.
What Was Compromised?
The airline disclosed that affected information may include names, dates of birth, email addresses, frequent flyer numbers, and phone numbers. Importantly, Qantas confirmed that more sensitive details such as passport numbers, credit card data, and financial records were not accessed.
In a statement filed with the ASX, Qantas emphasised, “All Qantas systems remain secure,” while acknowledging that millions of service records exist within the compromised platform. The company has yet to determine the exact scope of the breach, although it anticipates the exposed data to be substantial.
To support affected customers, Qantas has set up a dedicated helpline and online resources. CEO Vanessa Hudson offered an apology, reaffirming the airline's responsibility in safeguarding personal information.
Third-Party Risk and Broader Industry Concerns
This breach brings to light the ongoing challenge of managing third-party cybersecurity risks across industries. Experts note that many Australian companies, despite maintaining robust internal defences, remain exposed due to vendor-related vulnerabilities. Cybersecurity professionals stress that beyond technological safeguards, employee training and secure operational processes are essential in mitigating such risks.
Dali Kaafar from Macquarie University’s Cyber Security Hub highlighted the dangers stemming from access to even seemingly low-sensitivity information, pointing out how such data could be exploited in phishing schemes and identity fraud.
Scattered Spider: A Suspected Culprit
Though the attackers remain unidentified, security experts suspect the cybercriminal group known as Scattered Spider—also known as UNC3944—may be involved. This group is known for targeting large enterprises using social engineering to bypass multi-factor authentication.
Recently, warnings were issued by U.S. authorities about this group's focused efforts on the airline industry, adding weight to the theory of its potential involvement in the Qantas breach.
Unfortunate Timing
The breach coincided with the expected arrival celebration of Qantas’ first A321XLR aircraft in Sydney—an event that had to be cancelled due to inclement weather. Despite this, the milestone marked a significant advancement for the airline in expanding its long-range narrow-body fleet.
Amid the unfolding incident, shares of Qantas (QAN) were down 3.3% to A$10.41 in midweek trading, reflecting investor caution amid cybersecurity concerns.
