EXPOSED: Hackers Unleash Qantas Customers’ Sensitive Data on Dark Web – Up to 6 MILLION Records Compromised in Brazen Cyber Attack
- Hackers release Qantas customers’ personal data on dark web, including names, email addresses, phone numbers, birth dates, and frequent flyer numbers
- Up to 6 million Qantas customer records exposed in July cyber attack on third-party platform used by airline
- Cybersecurity expert warns of increased risk of social engineering attacks and phishing scams using stolen data
In a shocking development, hackers have released sensitive data of Qantas customers on the dark web, leaving millions of Australians vulnerable to cyber attacks. The stolen data includes names, email addresses, phone numbers, birth dates, and frequent flyer numbers, sparking widespread concern among the airline’s customers.
The cyber attack, which occurred in July, targeted a third-party platform used by Qantas, compromising up to 6 million customer records. The hackers, known as Scattered Lapsus$ Hunters, had threatened to release the data unless a ransom was paid to cloud software giant Salesforce.
Cybersecurity expert Troy Hunt, from Have I Been Pwned, confirmed that the Qantas customer data had been leaked on the dark web. “I just gave them the last two digits of my frequent flyer number. So we’ll see if they can confirm the whole thing, but I’m quite sure it is what it is,” he said, after verifying the leak with a friend overseas.
Qantas has assured customers that there was no impact to frequent flyer accounts and that financial details had not been compromised. However, cybersecurity experts warn that the stolen data can still be used for social engineering attacks and phishing scams.
“The more an attacker has about you in terms of your personal info, the better a scam they’re able to execute,” Hunt warned. “Someone can contact me even outside the context of Qantas and say, ‘Look, I know you live at this address and I know this is your phone number and we are a legitimate organisation offering some service and you need to give us some personal information or log on to a site’.”
The FBI has seized the website used by the hackers to threaten the release of sensitive information, but experts warn that the data will likely reappear on other platforms. “The genie is out of the bottle,” Hunt said. “If anything, the situation is worse now — the hackers just launched a new clear website that anyone can easily access.”
Qantas customers are advised to be vigilant and carefully verify any incoming communication to avoid falling victim to cyber scams.