Post views: 10

Qantas data breach: 40 companies targeted by global cybercriminals, 6 million customer records leaked on dark web

Sydney/New Delhi: Following a major cyberattack, the personal information of millions of Qantas customers has been exposed on the dark web. According to security experts, the airline’s third-party services platform was attacked in July, exposing details of nearly 6 million customers.

Exposed data

Customer names, phone numbers, email addresses, dates of birth and frequent flyer numbers are among the data exposed. According to Qantas, passwords, PINs, login information, identity documents and financial data are kept secure.

“Qantas confirms that no identification documents, credit card numbers or financial details were accessed.”

– Qantas official statement.

40 global companies targeted

According to reports, the global cybercrime organization Scattered Lapsus$ Hunters is responsible for the attack.

Unless a ransom was paid, the gang threatened to leak data from around 40 international companies linked to cloud software giant Salesforce, including Google, Disney, Toyota, IKEA, Air France and KLM.

The hackers set a payment deadline of Saturday at 3pm AEST, after which, they began exposing data from certain companies.

Verified by an Australian specialist

Troy Hunt (Have I Been Pwned), an Australian cybersecurity expert, told the ABC that he had verified that Qantas customer data had been found on the dark web.

My email and frequent flyer number were discovered in the hack, according to a message from a friend living abroad. It was exactly the same as what Qantas had on file. This proves that it is real,” he claimed.

Hunt went on to say that although the hackers’ communications were “irregular and unpredictable”, data from only six companies had been published so far.

“The arrow has left the bow.”

Although the original data has been deleted from the site, Hunt warned it remains in the hands of hundreds and may reappear on other platforms.

“The secret has been revealed. This material may soon appear again on a new public website created by hackers,” he claimed.

International law enforcement procedures

The Federal Bureau of Investigation (FBI), the US Department of Justice (DOJ) and French cyber authorities seized the hackers’ website after they realized the scale of the attack.

Less than twenty-four hours before the group’s ransom deadline, the seizure took place.

Indian cybersecurity expert Insight

Renowned cybersecurity expert and media panellist, Mr. Mohit Yadav, described the incident as a fundamental weakness in the global digital supply chain.

“A particular company’s data is not the only thing that was compromised by this attack. It shows how a supply chain across the world can be affected by an attack on a single cloud platform. This supply chain attack is a clear example,” Mr. Yadav said.

He added that instead of simply being an economic target, stolen data is now viewed as a strategic asset:

“Hackers can use this data for sophisticated psychological manipulation, corporate espionage and identity theft,” he said.

Company response

Salesforce confirmed that there is no indication of a compromise on its platform and that it will not negotiate or pay a ransom.

Qantas said it was still looking into the breach and assisting affected customers.

Cybersecurity takeaways

According to experts, this example shows that data security is now a basis for trust and not just a technological issue.

The event highlights the growing need for cyber diplomacy, international cooperation and data sovereignty globally as airlines and enterprises increasingly rely on digital services.

About the author:

Yogesh Nagar He is a content marketer specializing in the cybersecurity and B2B space. Besides writing for News4Hackers blogs, he also writes for brands including Craw Security, Bytecode Security, and NASSCOM.

Read more:

Payroll hackers strike Microsoft warns of hijacking HR SaaS accounts to steal employee salaries

About the author