Australian airline Qantas said Sunday that data from 5.7 million customers stolen in a major cyberattack this year had been shared online, part of a leak reportedly involving dozens of firms.
Qantas said in July that hackers had targeted one of its customer contact centres, breaching a computer system used by a third party.
They secured access to sensitive information such as customer names, email addresses, phone numbers and birthdays, the blue-chip Australian company said.
Credit card details and passport numbers were not kept in the system, Qantas stressed at the time.
AFP understands the third-party involved is software firm Salesforce, which said last week that it was “aware of recent extortion attempts by threat actors”.
The hackers have also obtained stolen data from dozens of other companies including Disney, Google, IKEA, Toyota, McDonalds, and fellow airlines Air France and KLM.
“Qantas is one of a number of companies globally that has had data released by cyber criminals following the airline’s cyber incident in early July, where customer data was stolen via a third party platform,” the company said in a statement.
“With the help of specialist cyber security experts, we are investigating what data was part of the release,” it added.
It also said it had obtained a legal injunction with the Supreme Court of New South Wales, where the firm is headquartered, “to prevent the stolen data being accessed, viewed, released, used, transmitted or published by anyone, including third parties”.
Cybersecurity analysts have linked the hack to individuals linked to an alliance of cybercriminals called Scattered Lapsus$ Hunters.
Research group Unit 42 said in a note the group had “asserted responsibility for laying siege to customer Salesforce tenants as part of a coordinated effort to steal data and hold it for ransom”.
The hackers had reportedly set an October 10 deadline for ransom payment.
Threat intelligence platform FalconFeeds said on X the customer data had been posted on the dark web over the weekend.
Vietnam Airlines, clothing giant Gap and Japanese multinational Fujifilm also had data leaked, it said.
The hackers reportedly stole the sensitive data using a social engineering technique, referring to a tactic of manipulating victims by pretending to be a company representative or other trusted person.
