Qantas Customer Data Released by Hackers After Major Breach
Australia’s largest airline Qantas Airways has confirmed that cybercriminals have published customer data stolen during one of the country’s most significant cyber breaches in July. The data release affects millions of passengers and follows failed ransom negotiations with the hacker group.
Key Takeaways
- Hackers published Qantas customer data after July breach
- Over 1 million customers had sensitive details stolen
- Additional 4 million customers had names/emails compromised
- Airline has obtained injunction to prevent data access
Official Statement and Legal Action
Qantas confirmed on Sunday, October 12 that it was among several companies whose customer data was published by cybercriminals. The airline stated it is working with cybersecurity experts to investigate the extent of the data release.
“With the help of specialist cyber security experts, we are investigating what data was part of the release,” Qantas stated on Sunday (October 12), as per news agency Reuters.
The company has secured an ongoing legal injunction “to prevent the stolen data being accessed, viewed, released, used, transmitted or published by anyone, including third parties”.
Scale of the July Data Breach
In July, Qantas disclosed that sensitive customer information including phone numbers, birth dates, and home addresses were accessed for more than one million customers. Another four million customers had their names and email addresses compromised in what became one of Australia’s largest cyber incidents.
Hacker Group and Timeline
The data publication was carried out by the hacker collective Scattered Lapsus$ Hunters after their ransom deadline passed. This breach represents Australia’s most high-profile cyberattack since the 2022 incidents affecting telecommunications provider Optus and health insurer Medibank, which prompted the government to introduce mandatory cyber resilience laws.
