The Australian airline Qantas has confirmed a serious cybersecurity incident that puts the confidence of millions of travelers in check. The attack, detected on June 30 on a customer service platform managed by an external supplier, has exposed the Personal data of up to six million users. The event occurs just days after the FBI launched a global alert on a new modus operandi of cybercounts specialized in circumventing double authentication factor (2FA) systems, with the air industry as a priority objective.
The FBI recently noticed that the group known as ‘Scatrtered Spider’, famous for its campaigns against retail and insurer sectors, had begun to focus its efforts on airlines and transport companies. According to the agency, These attackers use advanced social engineering techniques: employees or suppliers supplant to deceive computer assistance services and get them granted privileged access, even making fraudulent devices add to 2FA Protected Accounts.
The case of Qantas fits with this pattern. The cybercounts agreed to the platform of an external call center, from where they could extract Sensitive information such as names, emails, telephones, birth dates and frequent traveler numbers. At the moment, the airline ensures that no financial data, passwords or identity documents such as passports have been compromised.
Qantas detected the suspicious activity and isolated the affected system in a matter of hours. Since then, the company works together with cybersecurity experts and Australian authorities to analyze the actual scope of the incident and reinforce its protection systems. Preliminary research suggests that a significant portion of the records was copied before containing the attack.
The airline has already contacted potentially affected customers and has enabled specific lines of attention to solve doubts and offer advice on identity protection. Besides, has increased security controls For access to frequent traveler accounts and has warned about possible fraud attempts by impersonators who can take advantage of the situation.
A touch of global attention
Although the attack on Qantas does not directly affect users who are not related to the airline, The incident is a serious warning for the entire air industry worldwide. The FBI and cybersecurity experts have stressed that these types of attacks are not isolated: in recent weeks, companies such as Hawaiian Airlines and Westjet have also been victims of similar episodes.
The sophistication of the methods used and the fact that cybercriminals sign up for both airlines and their external suppliers forces all companies in the sector to urgently review and reinforce their protection systems, especially in relation to multifactor authentication and the Training of your teams against social engineering techniques.
As experts warn, Aviation handles large volumes of sensitive data and has become a priority objective for organized criminal groups.