Qantas hit by cyber attack after FBI alert on ‘Scattered Spider’ group

Keep knowledgeable with free updatesSimply signal as much as the Cyber Safety myFT Digest — delivered on to your inbox.Qantas is investigating whether or not a hacking group that focused UK retailer Marks and Spencer this yr was behind a cyber assault that breached a database containing the non-public particulars of 6mn of the Australian airline’s clients.The corporate mentioned the hackers focused considered one of its name centres on Monday and gained entry to a third-party customer support platform. Qantas mentioned it was possible {that a} “important” quantity of non-public information had been extracted from the database, which contained buyer names, electronic mail addresses, telephone numbers, delivery dates and frequent flyer particulars.The database didn’t include monetary info, equivalent to bank card numbers, that are saved on totally different servers, mentioned Qantas.The assault comes days after the FBI warned that there have been indicators the “Scattered Spider” cyber prison group had began to focus on the worldwide airline sector.“They aim massive companies and their third-party IT suppliers, which suggests anybody within the airline ecosystem, together with trusted distributors and contractors, could possibly be in danger,” the FBI mentioned in an alert final week. It warned that extortion makes an attempt had been usually made after delicate info was stolen.The warning adopted latest cyber assaults on Hawaiian Airways and Canada’s WestJet.Scattered Spider is reported to be behind various high-profile information breaches, together with these of M&S and MGM Casinos. It has gained a status for efficient subterfuge strategies equivalent to impersonating staff at corporations to trick IT departments into offering entry to methods.RecommendedQantas, Australia’s largest airline, mentioned it had moved rapidly to safe its methods. It has alerted the Australian Federal Police, in addition to different authorities companies, and can contact affected clients.Vanessa Hudson, chief government, mentioned: “We sincerely apologise to our clients and we recognise the uncertainty it will trigger. Our clients belief us with their private info and we take that accountability critically.”Qantas shares dropped 3.6 per cent after it revealed the hack on Wednesday. The airline is the most recent Australian firm to be affected by a cyber assault, with telecoms firm Optus, healthcare supplier Medibank Personal, various Australian pension funds and port operator DP World all hit previously three years.