Stay informed with free updates
Simply sign up to the Cyber Security myFT Digest — delivered directly to your inbox.
Qantas is investigating whether a hacking group that targeted UK retailer Marks and Spencer this year was behind a cyber attack that breached a database containing the personal details of 6mn of the Australian airline’s customers.
The company said the hackers targeted one of its call centres on Monday and gained access to a third-party customer service platform. Qantas said it was likely that a “significant” amount of personal data had been extracted from the database, which contained customer names, email addresses, phone numbers, birth dates and frequent flyer details.
The database did not contain financial information, such as credit card numbers, which are stored on different servers, said Qantas.
The attack comes days after the FBI warned that there were signs the “Scattered Spider” cyber criminal group had started to target the global airline sector.
“They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk,” the FBI said in an alert last week. It warned that extortion attempts were often made after sensitive information was stolen.
The warning followed recent cyber attacks on Hawaiian Airlines and Canada’s WestJet.
Scattered Spider is reported to be behind a number of high-profile data breaches, including those of M&S and MGM Casinos. It has gained a reputation for effective subterfuge techniques such as impersonating workers at companies to trick IT departments into providing access to systems.
Qantas, Australia’s largest airline, said it had moved quickly to secure its systems. It has alerted the Australian Federal Police, as well as other government agencies, and will contact affected customers.
Vanessa Hudson, chief executive, said: “We sincerely apologise to our customers and we recognise the uncertainty this will cause. Our customers trust us with their personal information and we take that responsibility seriously.”
Qantas shares dropped 3.6 per cent after it revealed the hack on Wednesday.
The airline is the latest Australian company to be affected by a cyber attack, with telecoms company Optus, healthcare provider Medibank Private, a number of Australian pension funds and port operator DP World all hit in the past three years.