Recent news of a significant data breach affecting Qantas customers has understandably caused concern. This incident, which involved a third-party software supplier, has resulted in the personal information of millions of customers being exposed.
In an age where our personal data is a valuable commodity, understanding what happens during such events and what measures you can take is more important than ever.
What Information Was Involved?
Recent news reports have clarified the origin of this significant breach. It was not a direct attack on Qantas’s own systems, but rather part of a much larger, coordinated cyber-attack targeting clients of Salesforce, a global cloud software provider.
The cybercriminal group, which identifies as ‘Scattered LAPSUS$ Hunters’, claimed responsibility. This group reportedly attempted to extort Salesforce, demanding a ransom payment. When these demands were refused, the attackers followed through on their threat.
They created a public ‘leak site’ and published the vast amounts of data stolen from dozens of Salesforce clients, which included the Qantas customer information. This means the data was not just stolen, but was made publicly available for download on the dark web.
According to reports, the exposed Qantas data includes personal details such as:
- Full names
- Email addresses
- Home and business addresses
- Phone numbers
- Dates of birth
- Frequent flyer details
It remains important to note that, according to the airline, more sensitive information such as financial details, passport numbers, and account passwords or PINs were not part of the breach.
What are the Potential Risks?
When personal data like this is leaked and made publicly available, it is often acquired by other cybercriminals, who may use it for various malicious activities.
The primary risk following such a leak is a surge in highly targeted and convincing scam attempts, often called ‘spear-phishing’.
Criminals can use your leaked name, address, and frequent flyer details to create fraudulent emails, text messages, or phone calls that appear to be legitimately from Qantas or a related organisation (such as an insurer or a compensation team).
The goal of these scams is to build a false sense of trust. They might, for example, quote your real frequent flyer number to convince you they are genuine, before attempting to trick you into revealing more sensitive information, such as your credit card details or account login credentials.
These details can also be used in the “long game,” where criminals combine information from multiple data breaches to build detailed profiles for more sophisticated identity fraud.
How You Can Help Protect Yourself
While no single action can provide a complete guarantee, there are several sensible steps you can consider to help enhance your personal security and build a stronger defence.
1. Be Vigilant for Scams
- Treat unsolicited communications with caution. Be extremely wary of any unexpected emails, text messages, or phone calls claiming to be from Qantas or any other organisation, even if they use your personal details.
- Do not click links or download attachments. If you receive a suspicious message, avoid clicking on any links or opening attachments.
- Verify independently. If a message prompts you to log in or check your account, always do so by navigating directly to the official Qantas website in your browser or by using their official app. Do not use the links provided in the message.
- Do not search for the data. We strongly advise against attempting to find or download the leaked data. These sites are dangerous, often contain malware, and searching for them carries significant legal and security risks.
2. Review Your Account Security
- Consider changing your password. As a precaution, it may be wise to change your Qantas Frequent Flyer password.
- Use strong, unique passwords. It is a crucial cybersecurity practice to use a different, complex password for every single online account. This helps to contain the potential damage if one account is ever compromised.
- Enable multi-factor authentication (MFA). Where possible, enabling MFA on your important accounts (especially email, banking, and travel) is one of the most effective measures you can take. MFA adds an extra layer of security, requiring a second form of verification (like a code sent to your phone) in addition to your password.
3. Monitor Your Accounts
- Check financial statements. Keep a close eye on your bank and credit card statements for any transactions you do not recognise.
- Monitor your credit report. You can obtain credit reports from credit reporting bodies (such as Equifax or Experian) to check for any unauthorised credit applications made in your name.
- Report suspicious activity. If you see any evidence of fraud, report it to your financial institution immediately. You can also report cybercrime and identity theft to relevant government bodies, such as the Australian Cyber Security Centre (ACSC) via their portal.
Staying Informed and Secure
Data breaches are a stark reminder of the importance of a robust cybersecurity posture. For individuals, this means remaining vigilant and proactive about personal data hygiene.
For businesses, it highlights the critical need for comprehensive security strategies, not only for internal systems but also for managing third-party and supply chain risks.
If you are concerned about this breach, we recommend following official updates from Qantas. If you are a business leader looking to enhance your organisation’s cybersecurity defences or assess your supply chain risk, Vertex is here to help.
Contact us today or visit the Vertex website for further information on our tailored cybersecurity solutions.