Qantas, Australia’s largest airline, disclosed a cybersecurity incident on Monday after detecting unauthorized access to a third-party platform used by its call centre. The airline confirmed that while its internal systems remain unaffected, the attackers likely accessed a “significant” volume of customer data. This third-party breach affected a system that holds service records for approximately six million customers.
The compromised data reportedly includes customer names, email addresses, phone numbers, birth dates, and frequent flyer numbers. However, Qantas reassured customers that no credit card or personal financial information was accessed, and account credentials such as passwords, PINs, or logins remain secure.
Qantas immediately contained the breach upon detection and has notified relevant authorities, including the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and the Australian Federal Police. Investigations are ongoing to assess the full extent of the data loss.
Broader Threat Landscape: Aviation in the Crosshairs
The Qantas incident comes amid rising concern over cyberattacks in the aviation and transportation sectors. While it has not been officially confirmed, the nature of the Qantas breach bears similarities to recent attacks by a well-known threat group dubbed “Scattered Spider.”
This group, also known by aliases such as 0ktapus and UNC3944, has gained notoriety for targeting major companies through social engineering, phishing, SIM-swapping, and manipulation of help desk protocols. These tactics allow attackers to bypass multi-factor authentication and gain employee-level access to internal systems.
In recent months, Scattered Spider has escalated operations by attacking other aviation firms such as Hawaiian Airlines and WestJet. In the WestJet case, attackers exploited a self-service password reset to infiltrate internal systems. Cybersecurity experts warn that the group is moving systematically across industries, with aviation now in its crosshairs after targeting retail and insurance sectors earlier.
Third-Party Platform Calls for Stronger Cyber Defenses Across Critical Infrastructure
Security experts are urging organizations, especially those in critical sectors like aviation, to take proactive measures in strengthening their cyber defenses. This includes improving visibility across infrastructure, securing identity systems, and hardening self-service tools and help desks, key points of vulnerability exploited by attackers.
Leading cybersecurity organizations such as Google’s Threat Intelligence Group and Palo Alto Networks have published resources to help enterprises defend against Scattered Spider’s evolving tactics. These recommendations emphasize layered security, employee awareness, and real-time threat monitoring.
As the investigation into the Qantas breach unfolds, the incident serves as another stark reminder of the vulnerabilities in third-party platforms and the need for robust cybersecurity protocols in an increasingly digital aviation ecosystem.
Also Read :- Cyberattack Hits Hawaiian Airlines’ IT Systems, Flights Undisturbed | CyberPro Magazine
