Qantas Breach: The Bad News and The Worse News for 5.7 Million Aussies

Qantas has finally put a number on last week’s massive data breach, and it’s not pretty. A staggering 5.7 million customer records have been compromised, with the airline now beginning the long process of contacting everyone affected.

The breach hit an off-shire call-centre system containing details for 6 million customers, meaning almost everyone in that database has had some information stolen.

Qantas CEO Vanessa Hudson has acknowledged the scale of the incident, saying Our absolute focus since the incident has been to understand what data has been compromised for each of the 5.7 million impacted customers and to share this with them as soon as possible”

“From today we are reaching out to customers to notify them of the specific personal data fields that were held in the compromised system and offer advice on how they can access the necessary support services.”

She added, “We have put in place a number of additional cyber security measures to further protect our customers data, and are continuing to review what happened.”

So, What Did the Hackers Get? Here’s the Breakdown:

This wasn’t a simple case of a few names and emails. The data stolen is varied, and for some, it’s highly specific. Here’s how the 5.7 million affected customers break down:

• 4 Million Customers:
  • 1.2 million: Had their Name and Email Address stolen.
  • 2.8 million: Had their Name, Email, Frequent Flyer Number, and Status Tier taken.
    • A “smaller subset” of this group also had their Points and Status Credit balances exposed. This is a gift for scammers, allowing them to craft highly convincing and targeted phishing emails.
• 1.7 Million Customers: This group had a mix of the data above, plus one or more of the following:
  • Address (Home, Business, or Hotel): 1.3 million
  • Date of Birth: 1.1 million
  • Phone Number: 900,000
  • Gender: 400,000
  • Meal Preference: 10,000 (Yes, seriously)

While Qantas has confirmed the Australian Federal Police are involved, they are remaining tight-lipped on the specifics of the crime itself. EFTM understands a potential ransom demand has been made by the cybercriminals, which is now a matter for the AFP.

So far, none of the stolen data has appeared on the dark web. However, criminals often leak small portions of data to prove their claims and pressure the company into paying a ransom.

What Do You Need To Do?

For now, the advice for all Qantas customers is simple: be extremely cautious.

Treat any unexpected call, text, or email claiming to be from Qantas with suspicion. Scammers will be using this information to try and trick you. Don’t click on links, don’t provide any personal information, and if you’re concerned, contact the airline directly through their official website or phone number.