A major cyber security breach has exposed the personal data of up to six million Qantas customers, after a third-party contractor was compromised in a targeted attack.
The stolen data includes names, phone numbers, email addresses, dates of birth and frequent flyer numbers.
Here’s what Qantas customers should do after major data breach:
While no credit card details have been accessed, experts warn the information is still valuable for identity theft and phishing scams.
On Wednesday afternoon’s episode of The Briefing, Cyber security expert Professor Matthew Warren explains how serious this breach is and what you should do if your info is affected.
“It’s serious because again, it’s impacted six million customers. So it’s of national significance,” Warren said.
Under Australia’s Privacy Act, personal data about citizens is not permitted to leave the country.
If the compromised data was stored offshore, it could amount to a serious breach of national privacy laws.
“They could use (stolen data) for ID fraud or even sell (them) on the dark web to other criminal gangs… that data is the commodity that hackers actually want,” he said.
Warren said people should be alert to suspicious emails or calls and implement multi-factor authentication on their accounts.
“Check what’s in the email, check that the address is correct, check if the person has the right information on the phone, and quite simply if they don’t, hang up or delete the email.”
Subscribe to The Briefing, Australia’s fastest-growing news podcast on LiSTNR today. The Briefing serves up the latest news headlines and a deep dive into a topic affecting you. All in under 20 minutes.