
Cybersecurity experts are cautioning millions of Aussies to stay vigilant, after hackers gained access to a Qantas third-party call centre earlier this week. The airline says it’s working with cybersecurity experts and government agencies and is continuing to investigate the scope of the incident.
So, what does all this mean for your data? Is there anything you need to do? Here’s the lowdown.
What data has been stolen from the Qantas breach?
On Wednesday, Qantas confirmed cybercriminals had targeted one of its airline call centres and gained access to a customer servicing platform two days prior, with some six million customer records accessed in the system.
Some of the personal details exposed included names, phone numbers, dates of birth, email addresses, and frequent flyer numbers.
“Importantly, credit card details, personal financial information and passport details are not held in this system,” Qantas explained in a statement to the Australian Securities Exchange.
“No frequent flyer accounts were compromised nor have passwords, PIN numbers or log in details been accessed.”
And because it was most definitely top-of-mind for most travellers when news broke — the airline further clarified customers’ Qantas accounts and, importantly, their points remain secure.

“We’re taking this incident extremely seriously and working with government agencies and independent cyber security experts. We’re implementing additional security measures to strengthen system monitoring and protection of your information as part of our response,” Qantas stated in its email.
“If we identify new important information as we continue to investigate and respond to this incident, we will share it with our customers.”
As reported by the Sydney Morning Herald, prolific hacking group Scattered Spider is suspected to be behind the breach, with the FBI recently observing the group “expanding its targeting to include the airline sector”.
“Scattered Spider are known to be in this sophisticated social engineering tactics, often coincidentally also targeting help desks or call centre personnel to gain access to some corporate networks,” Macquarie University cybersecurity professor Dali Kaafar told the publication.
What can hackers do with my data?
With hacks hitting Medibank, Genea, Qantas and even your super fund in recent years, it’s easy to feel numb to breaches. But cyber experts caution there are some pretty big risks, like scams, fraud, or even identity theft.
“[Cyber criminals] have already compromised users’ names and numbers with the hack, and this type of information is very valuable because with that kind of data, they can carry out targeted phishing attacks,” Dr Rumpa Dasgupta, cybersecurity lecturer at La Trobe University, told PEDESTRIAN.TV.
“This is where they send targeted emails or messages that look real, to trick people into giving away passwords, or other personal information. They might also try to impersonate customers to access other accounts, especially if someone uses the same password across different platforms.
“In some cases, attackers can even combine this data with information from other breaches to commit identity theft.”
Sure, no financial info was stolen, but Dasgupta warns this kind of breach can open the door to a range of scams and security risks if you’re not careful.

Paul Haskell-Dowland, associate dean of computing and security at Edith Cowan University, agreed that we should probably use this incident as a reminder that “all info has value”.
While the stolen information may be insufficient to hack into your account RN, it doesn’t mean it’s smooth sailing from here.
“The stolen information is insufficient to directly access a Qantas account as this requires a PIN and password. However, if coupled with other data breaches (that may include passwords), there is potential for cyber criminals to combine information which may expose accounts to compromise,” he pointed out.
So what should I do as a Qantas customer?
Qantas clarified there has been no impact to its operations or the safety of the airline, so if you’ve got any flights coming up, there’s no action required.
But if you’d like to get in touch about this, a dedicated customer support line has been set up on 1800 971 541 or +61 2 8028 0534, which can help access specialist identity protection advice and resources. There’s also a page on the website to provide the latest information to customers.

And as for other things you could be doing? It’s probably stuff you’ve heard before — but that doesn’t make it any less important.
“Customers must change their email passwords and, if not already done, incorporate multi-factor authentication,” said Dr Mohiuddin Ahmed, senior lecturer of computing and security at Edith Cowan University.
“Be very vigilant for scam calls, texts and phishing emails. Given the stolen information, sophisticated scammers will target these affected customers.” (Got a suss email from Qantas riddled with mistakes or from an odd email address? Yeah, do not click that.)
Frequent flyers are being warned to stay alert after the breach that may allow hackers to log in to their accounts. Qantas said frequent flyers should “remain alert for unusual communications claiming to be from Qantas”, pointing out it will never contact you requesting passwords, booking reference details or sensitive login information.
According to Toby Murray, professor at the University of Melbourne, it’s probably a good idea for frequent flyers to change their PIN, especially if you’ve got a pretty common one like 1234 or 1111.
“In many cases [frequent flyer accounts] are protected only by a four-digit PIN, so we should definitely expect accounts to be compromised as a result of this breach,” he said.
Plus, Qantas provides notification emails when they detect unusual login activity, so be on the lookout for any emails like that in coming days.
As a general piece of advice, cybersecurity experts say you really shouldn’t reuse passwords on any system or service — which is why password managers (that assign unique passwords on every system you use, while making sure you don’t need to remember every lil’ log-in) can be pretty useful.
What’s a major learning here?
With cyberattacks on the rise across Australia, organisations need to step up their game when it comes to cybersecurity. According to La Trobe University’s Dr. Dasgupta, taking a proactive and layered approach is important, not just to fend off hackers, but to protect their reputation and keep customer trust intact.
“This includes regular patching of systems, or enforcing a strong password policy, or implementing multi-factor authentication. Organisations should conduct regular risk assessments, particularly focussing on third party vendors to identify and mitigate vulnerabilities before they can be exploited,” she remarked.
“Trust takes years to earn, but one small oversight to lose. I believe for Qantas, the next few days will show whether customers believe they have learned from it, or if they’ll switch to someone else who takes their privacy more seriously.”

There’s also the issue of managing vulnerabilities that could come up from third-party vendors, like outdated software, inconsistent security policies, or improper data handling that can still put customer data at risk.
“I would recommend all organisations implement strong third-party risk management strategies, like security audits, requiring vendors to follow the same cybersecurity standards as the main organisation,” Dasgupta said.
“In treating the third-party platforms as an extension of their own network, organisations can better safeguard customer data.”
TL;DR: this Qantas breach is another important reminder that even basic info like names and birthdays can be gold for scammers. Lock down your logins, don’t click on any suss emails, and definitely retire that 1234 PIN code.
The post What The Qantas Cyberattack Means For Your Data & What You Might Need To Do Next appeared first on PEDESTRIAN.TV.