Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A threat actor potentially responsible for the cyber attack on Qantas has reached out to the airline, according to a new statement.
The Qantas cyber incident occurred on Monday June 30 after the company detected unusual activity on a third-party platform used by one of its contact centres.
In the national carrier’s latest update on the cyber attack, the company revealed that someone potentially responsible or connected to the cyber incident had made contact with Qantas.
“A potential cyber criminal has made contact, and we are currently working to validate this,” said Qantas.
“As this is a criminal matter, we have engaged the Australian Federal Police and won’t be commenting any further on the details of the contact.”
So far, cyber experts have pointed the finger at the Scattered Spider hacking collective, who are also believed to have launched attacks on Canadian airline WestJet and US airline, Hawaiian Airlines.
“Initial reports on Qantas’ cyber breach show many hallmarks of the Scattered Spider ransomware group, which claimed responsibility for attacks against America’s Hawaiian Airlines and Canada’s Westjet last week, and the crippling attack against Marks & Spencer in the UK in April,” Tony Jarvis, field chief information security officer and vice president APJ at Darktrace, told Cyber Daily.
“Scattered Spider are thought to be native English speakers who don’t just exploit technical vulnerabilities but manipulate people, especially IT help desks, through phishing, multi-factor authentication (MFA) bombing, and SIM swapping to gain access.”
Scattered Spider is known to target multiple businesses within a single industry before moving on, having recently hit three UK retailers - Marks & Spencer (M&S), Co-op and Harrods - before hitting a wave of US retailers.
The FBI also released an advisory saying that Scattered Spider had moved its focus to the airline industry.
“The FBI has recently observed the cyber criminal group Scattered Spider expanding its targeting to include the airline sector. These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access,” the FBI said in a post on X.
Cyber Daily has also not observed any threat actors claiming responsibility for the cyber incident, which fits the bill for Scattered Spider.
While Qantas has not publicly identified the potential threat actor that reached out, it did reiterate that it would give more details to customers as to what personal data had been compromised.
“This week, we will be in a position to update impacted customers on the types of their personal data that was contained in the system,” the company said.
“This will confirm specific data fields for each individual, which will vary from customer to customer.”
Be the first to hear the latest developments in the cyber industry.
