Qantas Data Breach: 40 Companies Targeted by Global Cybercriminals, 6 Million Customer Records Leaked on the Dark Web -

Post Views: 213

Qantas Data Breach: 40 Companies Targeted by Global Cybercriminals, 6 Million Customer Records Leaked on the Dark Web

Sydney/ New Delhi: Following a significant cyberattack, the personal information of millions of Qantas customers was exposed on the dark web. According to security experts, the airline’s third-party service platform was attacked in July, exposing roughly 6 million customer details.

Exposed Data

Customers’ names, phone numbers, email addresses, birthdates, and frequent flyer numbers are among the exposed data. Passwords, PINs, login information, identification documents, and financial data are all kept safe, according to Qantas.

“Qantas confirms that no identity documents, credit card numbers, or financial details were accessed.”

— Qantas official statement.

40 Global Companies Targeted

According to reports, the global cybercriminal organization “Scattered Lapsus$ Hunters” is responsible for the attack.

Unless a ransom was paid, the gang had threatened to leak data from about 40 international companies connected to the cloud software behemoth Salesforce, including Google, Disney, Toyota, IKEA, Air France, and KLM.

Hackers established a Saturday payment deadline of 3 PM AEDT, and beyond that, they started exposing data from certain businesses.

Verification by an Australian Specialist

Troy Hunt (Have I Been Pwned), an Australian cybersecurity expert, informed ABC that he had verified the Qantas customer data was found on the dark web.

My email and frequent flyer number were discovered in the hack, according to a message from a buddy who lives abroad. It was precisely the same as what Qantas had on file. That proved it was genuine,” he claimed.

Hunt went on to say that although the hackers’ communication has been “erratic and unpredictable,” data from just six companies has been made public thus far.

“The Arrow has left the Bow.”

Although the original data was deleted from the site, Hunt cautioned that it is still in hundreds of hands and may resurface on other platforms.

“The secret has been revealed. This material may soon reappear on a new public website that the hackers have built, he claimed.

International Law Enforcement Action

The FBI, U.S. Department of Justice (DOJ), and French cyber authorities confiscated the hackers’ website after realizing the extent of the attack.

Less than twenty-four hours before the group’s ransom deadline, the seizure took place.

Indian Cybersecurity Expert Insight

A famous cybersecurity expert and a renowned media panelist, Mr. Mohit Yadav, called the incident a fundamental weakness in the global digital supply chain.

“The data of a particular company is not the only thing compromised by this attack. It illustrates how the worldwide supply chain can be affected by an attack on a single cloud platform. “This supply chain attack is a textbook example,” Mr. Yadav stated.

He added that rather than being only an economic goal, stolen data is now viewed as a strategic asset:

He stated, “Hackers can use this data for sophisticated psychological manipulation, corporate espionage, and identity theft.”

“Indian consumers who hold accounts with Qantas or other international airlines should enable two-factor authentication immediately and exercise caution with any suspicious emails or links.”

Company Response

Salesforce confirmed that there is no indication of a compromise on its core platform and that it will neither negotiate nor pay a ransom.

Qantas stated that it is still looking into the breach and is helping the impacted customers.

Cybersecurity Takeaway

According to experts, this instance shows that data security is now a basis of trust rather than just a technological problem.

The event highlights the growing need for cyber diplomacy, international collaboration, and data sovereignty globally as airlines and enterprises depend more and more on digital services.

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blogs, he also writes for brands including Craw Security, Bytecode Security, and NASSCOM.

Payroll Pirates Strike Microsoft Warns of HR SaaS Account Hijackings to Steal Employee Salaries