Cyberattack hits major airline, up to 6M customer profiles exposed
Attack comes days after FBI warned about notorious 'Scattered Spider' group targeting airline industry
'CyberGuy' Kurt Knutsson shares how to protect your genetic data
'CyberGuy' Kurt Knutsson discusses 23andMe filing for bankruptcy protection and DNA privacy concerns on 'The Bottom Line.'
Australian airline Qantas said it suffered a cybersecurity incident that impacted the personal data of millions of customers.
The carrier said it was contacting customers on Wednesday to inform them it had detected "unusual activity" on a third-party platform used by a Qantas airline contact center, which holds service records for 6 million people.
After discovering the unusual activity Monday, the company said it "took immediate steps and contained the system" and that all of its systems have remained secure ever since. The company is still investigating how much data was stolen, but it expects it to be "significant."
After discovering the unusual activity Monday, the company said it "took immediate steps and contained the system." (Qantas / Fox News)
NOTORIOUS HACKER GROUP SETS SIGHTS ON AIRLINE INDUSTRY IN ALARMING SECURITY THREAT
During an initial review, the airline discovered that some customers’ names, email addresses, phone numbers, birthdates and frequent flyer numbers were impacted.
However, the airline confirmed that credit card details, personal financial information and passport details are not held in this system. Frequent flyer accounts, passwords, PINs and log-in details weren't impacted.
"We sincerely apologise to our customers and we recognize the uncertainty this will cause. Our customers trust us with their personal information and we take that responsibility seriously," Qantas Group CEO Vanessa Hudson said in a statement.
Australian airline Qantas said it suffered a cybersecurity incident that impacted the personal data of millions of customers. (DAVID GRAY/AFP via Getty Images) / Getty Images)
The carrier also established a dedicated customer support line as well as a dedicated page on its website to provide the latest information to customers.
HACKERS TARGET INSURANCE GIANT IN ONGOING INDUSTRY CYBER SPREE
The cyberattack comes days after U.S. officials warned that a notorious cybercriminal group was targeting the airline sector.
The FBI posted on X last week that the cybercrime group "Scattered Spider" relies on "social engineering techniques, often impersonating employees or contractors to deceive IT help desks" to grant access to systems and steal sensitive data for extortion.
The group frequently involves methods to bypass multifactor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts.
"They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk," the FBI wrote.
The carrier also established a dedicated customer support line as well as a dedicated page on its website to provide the latest information to customers. (Carla Gottgens/Bloomberg via Getty Images / Getty Images)
The FBI's warning came one day after Hawaiian Airlines said it was addressing a cybersecurity event that has affected some of its IT systems. However, it said it was able to continue operating its full flight schedule. The Federal Aviation Administration (FAA) safety office said it was in contact with the airline and that there has been no impact on safety.
The FBI's warning came one day after Hawaiian Airlines said it was addressing a cybersecurity event that has affected some of its IT systems. (Mario Tama / Getty Images)
GET FOX BUSINESS ON THE GO BY CLICKING HERE
Kelly Siegel, CEO of trusted IT managed services provider company, National Technology Management, told FOX Business that the FBI's warning is "a stark reminder of how vulnerable even our most critical infrastructure remains."
"Cyber threats aren't hypothetical – they're a relentless reality, and our airlines are in the crosshairs," he said.