Qantas customers have been told to be on high alert for scams after one of the worst cyber attacks in months.
Qantas has revealed a cyber incident on a third-party platform used by the airline’s contact centre that exposed the details of six million customers.
Names, phone numbers, dates of birth and email addresses are among the data believed to be exposed in the leak.
But Qantas reassured customers that financial information, passport numbers, credit card details and frequent flyer PIN codes were not accessed.

Customers are urged to stay on high alert in coming months because they may experience targeted phishing scams.
The type of personal information exposed could be used in further cyber attacks, a security expert says.
“I think even with reassurances, the breach of names, email addresses, phone numbers and perhaps most importantly, birth dates and frequent flyer numbers, it’s still significant,” the executive director of Macquarie University’s Cyber Security Hub Dali Kaafar told AAP.
Professor Kaafar said the details could lead to malicious actors building a more complete profile about individuals to make them more susceptible to other forms of cybercrime.
Qantas launched an investigation into the attack on Wednesday as customers reeled from the news.
“We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant,” it said in a statement on Wednesday.
Qantas was working closely with the National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts, chief executive Vanessa Hudson said.
A customer support line had been established to provide customers with the latest information.
But experts warn the impact of the breach will be far-reaching.
Prof Kaafar said the claims by Qantas that no frequent flyer login details were exposed should be taken with “a grain of salt”, given the number of customers who use their date of birth as a PIN code.
“The Qantas app doesn’t implement any form of multifactor authentication, it relies on things like your surname, your frequent flyer number and PIN number,” he said.
“So some of these customers would have been using date of birth as a PIN, and they are immediately at risk because that data has been compromised.”
He warned customers to change their passwords and PINs to prevent further harm.

Customers should also be on high alert for scammers pretending to be Qantas in the coming months, as occurred in the wake of the Optus attack that impacted 10 million users.
“Scammers will be impersonating Qantas itself, leading to a more disastrous type of impact,” Prof Kaafar said.
Cybersecurity experts are speculating that the hackers responsible may be Scattered Spider, a group of young cyber criminals living in the US and the UK.
America’s FBI recently warned that the group had been targeting the airline sector by impersonating legitimate users to bypass multi-factor authentication and access systems.
There has been no confirmation of the group responsible.
Qantas shares on the ASX shed about 3.6 per cent to $10.38 on Wednesday in response to the news.