Particle.news
Download on the App Store
20 ARTICLES
·
2h ago

Qantas Data for 5.7 Million Customers Posted Online After Ransom Deadline

The leak reflects a campaign driven by social engineering of third‑party access rather than a Salesforce platform flaw.

Two Qantas Airways Airbus A330 aircraft can be seen on the tarmac near the domestic terminal at Sydney Airport in Australia, November 30, 2017. REUTERS/David Gray
Image
Image
Qantas said that it continues to work closely with Australian Government agencies, including the Australian cyber security centre and the Australian federal police.

Overview

  • Scattered Lapsus$ Hunters published Qantas customer records after the October 11/12 deadline, with an initial release also naming Vietnam Airlines, Gap, Fujifilm, Engie Resources and Albertsons.
  • Qantas says exposed fields include names, email addresses, phone numbers, dates of birth and frequent flyer details, while credit card data, passport numbers and account logins were not included.
  • US and French authorities seized a clear‑web BreachForums domain used by the group, yet the hackers continued to post the files on dark‑web channels and new clear‑web mirrors, and copies are circulating.
  • Salesforce states it will not pay extortion demands and reports no indication its platform was compromised, with analysts attributing access to social engineering and abused integration tokens tied to third‑party systems.
  • Qantas has an ongoing NSW Supreme Court injunction and is providing a 24/7 support line and identity protection advice, as security experts warn of targeted phishing and potential identity fraud.