Qantas says millions of customers' data leaked online

SYDNEY

Australian airline Qantas said on Oct. 12 that data from 5.7 million customers stolen in a major cyberattack this year had been shared online, part of a leak reportedly involving dozens of firms.

Qantas said in July that hackers had targeted one of its customer contact centers, breaching a computer system used by a third party.

They secured access to sensitive information such as customer names, email addresses, phone numbers and birthdays, the blue-chip Australian company said.

Credit card details and passport numbers were not kept in the system, Qantas stressed at the time.

AFP understands the third-party involved is software firm Salesforce, which said last week that it was "aware of recent extortion attempts by threat actors".

The hackers have also obtained stolen data from dozens of other companies including Disney, Google, IKEA, Toyota, McDonalds, and fellow airlines Air France and KLM.

"With the help of specialist cyber security experts, we are investigating what data was part of the release," the company said in a statement.

Cybersecurity analysts have linked the hack to individuals linked to an alliance of cybercriminals called Scattered Lapsus$ Hunters.

Research group Unit 42 said in a note the group had "asserted responsibility for laying siege to customer Salesforce tenants as part of a coordinated effort to steal data and hold it for ransom".

The hackers had reportedly set an Oct. 10 deadline for ransom payment.

Threat intelligence platform FalconFeeds said on X the customer data had been posted on the dark web over the weekend.