Qantas Airways cyber attack exposes 6M customer profiles online

Australian airline Qantas said it was one of several companies whose customer data was published online after a cyber incident last July that affected millions of customers.

The major airline said in a statement that it was working with cybersecurity experts to investigate the data that was part of the release. The airline also said it has a court order to prevent the stolen data from being accessed, viewed, released, used, transmitted or disseminated by anyone, including third parties.

The airline has implemented additional security measures such as increased training across its teams and enhanced system monitoring and detection since it detected “unusual activity” on an external platform used by the Qantas Airline Contact Centre, which holds service records for six million people, in July.

Hackers are targeting the insurance giant in the industry’s ongoing cyber spree

After discovering the incident, the airline expressed concerns that a “large” amount of customer data had been stolen. Customers have also been alerted about specific personal data that may have been affected.

During the initial review, the airline discovered that some customers’ names, email addresses, phone numbers, dates of birth and frequent flyer numbers were affected.

However, the airline confirmed after that review that credit card details, personal financial information and passport details are not maintained in this system. Frequent flyer accounts, passwords, PINs and login details were not affected.

A notorious hacker group has its sights set on the airline industry in a worrying security threat

Qantas said on Sunday that there had been no change to this information.

The company said it will continue to provide updates on its website and through its customer support line, where it says customers have continued access to specialized identity protection services.

Qantas Airways signs at Sydney Airport in Sydney, Australia. (Brendon Thorne/Bloomberg via Getty Images)

The July cyber attack on Qantas comes days after US officials warned that a notorious cybercriminal group was targeting the aviation sector.

A cyberattack hits a major airline, exposing up to 6 million customer profiles

The FBI posted on

The kit often includes methods to bypass multi-factor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts.

Get FOX Business on the go by clicking here

“They target large enterprises and third-party IT service providers, meaning anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,” the FBI wrote.