Qantas: First details known after cyber incident
Following the IT incident last week, Qantas is now presenting the initial results of the investigation. 5.7 million customer data have been lost.
(Image: Daniel AJ Sokolov)
Last week, it became known that there had been a cyberattack on the Australian airline Qantas. Cybercriminals gained access to the data of millions of Qantas customers. The airline has now published the first interim results of the investigation into the incident.
Qantas has provided an updated status on a dedicated website. According to this, the airline has made progress in the forensic analysis of the customer data on the compromised system. The company confirms that no credit card information, personal financial information or ID details were stored on the system and were therefore not accessible.
Qantas frequent flyer data was not affected – Passwords, PINs and log-in details were neither accessed nor compromised. The data compromised by the attackers was not sufficient to gain access to the frequent flyer accounts. There is also no evidence that the stolen data has been published. Qantas is continuing to monitor the situation with the support of cyber security experts.
Large amount of data accessible
After the analysts removed the duplicates, 5.7 million customer records remained. Individual-specific data fields vary from customer to customer, but the data apparently breaks down as follows: 4 million records were limited to name, email address, and Qantas frequent flyer details. Of these, 1.2 million records consisted of name and email address only and 2.8 million also included frequent flyer numbers; tier level was recorded for a large proportion, and points and status credits for some customers.
The remaining 1.7 million customers' data consisted of a combination of some of the aforementioned data fields plus one or more of the following items: addresses (1.3 million), date of birth (1.1 million), phone numbers (900,000), gender (400,000) and food preferences (from 10,000 customers).
Videos by heise
Qantas will now contact customers affected by the data leak by email and inform them of what data was stored about them in the compromised system. However, customers should remain vigilant and exercise particular caution when receiving emails, text messages or phone calls purporting to be from Qantas. The company never asks customers for passwords or personal and financial information. They should verify their identity by calling them back on a number provided on official Qantas channels. Those affected should also activate two-factor authentication for personal email and online accounts, for example.
(dmk)
