Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
After some initial confusion among the group, Scattered LAPSUS$ Hunters publishes Qantas customer data to the open web.
The hacking group behind dozens of Salesforce-related compromises has published more than 150 gigabytes of Qantas customer data to leak sites on both its darknet leak site, and one hurriedly published to the clear web in the wake of an FBI takedown of its previous clear-web leak site.
The date of publication was delayed several times, and messages exchanged on the group’s Telegram channel suggested some confusion among the hackers.
“Hate to bring down thousands or more people waiting on these leaks that is approaching very soon, we are currently re-conducting the selection process of companies that'll be leaked. I am the one doing it due to more than half of the group currently in their beds snoring. Unfortunately, someone higher up flagged certain things a few minutes ago, and without approvals I cannot proceed further without receiving sign-offs,” one member of the group wrote shortly before the leak was to go live.
“For this reason, we have decided the best case scenario is that we delay the leaks for a bit longer. The data of companies will still be leaked, October 11th.”
Sure enough, the data was published, though at first the darknet site appeared to be down due to a large amount of traffic, forcing at least one outburst that was soon deleted. Not long after, the hackers shared a clear-web site hosting the leaks; the darknet site remains down as of the time of writing.
An injunction prevents Cyber Daily from accessing or sharing details of the leaked data, but Scattered LAPSUS$ Hunters claims it consists of more than five million customer records, adding up to a total volume of 153 gigabytes.
Qantas was one of six companies whose data was leaked on Saturday, alongside Vietnam Airlines, Albertsons Companies, GAP, Fujifilm, and Engie Resources.
Soon after publication, Scattered LAPSUS$ Hunters posted a screed singling out Australia on its Telegram channel.
“Australia, I really hope for the love of god you've learned your lesson this time. When me and shanty dumped Optus a few years back we gave you multiple chances to comply with us. Australia government please get rid of the AFP or revamp the AFP. They are filled with ego and pride, so is the government of Australia itself,” a spokesperson for the group said.
“Change your laws, change your policies, change something, we will endlessly attack you till you eventually rewrite your own rules, go against what your government has stated it would never do, drop you ego and pride and comply with us in the future.”
Scattered LAPSUS$ Hunters added that Australia was one of five companies it was focusing its efforts on, alongside the United States of America, the United Kingdom, Canada, and France.
The hackers also called out several security analysts and companies, before promising further activity in the future.
“At this point, any and all corporations in the world should, by default, consider us real threat. To yourself, your company, critical infrastructure, and to INTERNATIONAL security,” the spokesperson said.
“We will never stop, see you all in 2026.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
