Qantas has suffered a cyber attack on one of its servers. The airline will only say a "significant" amount of customer data has likely been stolen. It has released a statement saying it had detected unusual activity on Monday on a third-party platform used by one of its contact centres. The service records of six million of its customers are stored on the platform.

Transcript
00:00What Qantas has said, and we understand, is that customer names, emails, phone numbers,
00:07birth dates, and frequent flyer numbers are at risk, but they've said that other things
00:12such as your passport details and financial information were not leaked, apparently.
00:19So now it's six million customers, so even though it may not be a whole lot of data,
00:24it's a whole lot of people.
00:25And obviously, it follows on from other major data breaches that we've seen, Medibank
00:31Private in 2022, prompting cyber resilience laws, including mandatory reporting of compliance
00:38and incidents.
00:38We've seen Optus, the data breach as well, other large-scale breaches.
00:43But Qantas has said, OK, the credit card details are not at risk.
00:48Nonetheless, with information such as your birth date and frequent flyer number and phone
00:53number, potentially people could be at risk from someone social engineering access to
01:01their account and changing email account to an account that the attackers might be able
01:06to use.
01:07And in fact, interestingly, that is how it seems that this attack actually succeeded with
01:12a third-party service provider, sounds like it was a telecommunications centre, and a human-to-human
01:22phone call.
01:23The attacker was not phishing, as we normally expect to see emails in our inbox that are fraudulent,
01:30trying to manipulate us to give over personal information, but vishing, that is voice phishing.
01:36And the call centre operator, we believe, was then granting some sort of access to the system
01:44over the phone to the attackers, not realising that they were being social engineered, that
01:48is, manipulated to give information or access, you know, as a result of deception.
01:54We've heard today from cyber firm CyberCX, which has been working with Qantas.
02:00They say that this incident has the hallmarks of the Scattered Spider hacker group.
02:06What do we know about them?
02:08Look, we understand that they're a young group, but obviously it's quite difficult to know with
02:13attribution.
02:15So, I mean, there are laboratories of companies and universities that spend a lot of time when
02:21they're actually able to get software code from attacks, which I don't think is the case
02:27here, or at least not that I've heard, and they will analyse it looking for perhaps remnants
02:32or pieces of other code that was used in other attacks or signatures in the code that point
02:38to a particular hacking group.
02:40But the belief is that this group may have actually targeted Qantas because the FBI believes that
02:49there have been attacks on North American airlines in a similar timeframe.
02:53So, Canada's WestJet and Hawaiian Airlines have both recently suffered attacks.
03:01So, you know, attribution is difficult.
03:04Even sometimes when groups claim credit, they haven't necessarily done it.
03:08And so, you know, it can be a difficult thing to actually determine.
03:13A little bit more broadly, Sulit, why do Qantas and other major companies, you mentioned earlier,
03:19previous hacks, why do they keep our data like this and what do they do with it?
03:26Well, I mean, that's an interesting question, right?
03:28So, they might use it to actually study for selling us more products or more targeted products.
03:34And then they might be part of partnerships where, you know, their partners in a frequent flyer
03:40program are selling us, you know, deep fryers or pots and pans or free trips, you know, on airlines
03:49or free stays in hotels or discounted stays.
03:52So, there are lots of reasons why they want to gather this data and potentially share it with partners.
03:58But the problem is, and what we see that, you know, is the result kind of from this data breach
04:03which is, it really highlights how interconnected businesses are and that really the network
04:10of interconnected businesses are only as strong as the weakest link.
04:14And that is particularly that supply chains are a risk.
04:18So, all you need is, you know, you can have the best fortified banking or financial services
04:23or airline system in the world.
04:26But if your suppliers don't have great cybersecurity, then your systems are also at risk.
04:31Your customers may be at risk.
04:34And it does kind of raise the specter of, look, shouldn't consumers maybe have better protection
04:40in law to ask these companies to delete our data?
04:43So, when you finish being a Qantas frequent flyer and you want to move on either to another
04:48organization or not do it anymore, shouldn't you be able, with a click of a button, very easily
04:54to ask Qantas to remove all of your data and also perhaps have more rights to say, please
05:03don't onsell my data.
05:05I mean, yes, okay, there's fine print terms.
05:08Most people don't have time to read 20 pages of legalese.
05:12And furthermore, often these things are kind of forced permission in that you don't have
05:17the right to say no.
05:18You can't, you know, you can't say, I don't want this onsold.
05:22So, I think maybe some better consumer protection in terms of the right to exit your data when
05:28you want to would reduce the risk of exposure for consumers' data because there's not that
05:34much we can do to protect ourselves, our own personal data from this sort of data breach.
