QANTAS Cyber Incident

has anyone got an email yet about being directly affected?
 
Don't think everyone has received the initial email yet, let alone the one confirming direct impact. Also, per the AFF article posted earlier in this thread, "...Qantas did not immediately have an answer to our question about how long customers might need to wait to find out directly whether or not they are impacted."
 
Oh, I think that is harsh! I am sure they monitor the storage requirements for the collected data! How much gets read, yes that is the question. Assume a growing involvement of AI in SIEM review, but where QF are up to is anybody's guess.

Yes, they can increase storage requirements, but someone would actually need to configure/program the SIEM properly to pick up unusual data in the logs for alerting to the SOC. Sending raw logs to SIEM doesn't really do much. Even with events integration, a whole bunch of filters and rules would need to be set up to identify issues from a sea of events.
 
27% of all pins are the most common 20 numbers as can be seen on this page:

If you guess 3 numbers from the 20 most common pins you would likely be successful compromising 243,000 of the 6 million accounts.
Very interesting - none of my PINs make either list. I would expect and hope people use different pins for different uses, one pin for secure things like financial institutions, and a different pin for say, your gym locker - may be naive thinking!

If I were to guess PINs of AFF members, I'd be looking at 7474, 7879, 3303, etc... 🤣
 
Waste of time, compute power and cost for such little gain. Its cost to reward ratio doesn't make as much sense.

Points definitely have value. Clearly there's some value or Qantas wouldn't have been targeted in the first place.

There's not much compute power required for a login. Distribute login requests amongst a million member botnet. Have each device try a few logins. Do one request per device per day if you want it to fade into the background.

If you were the attacker who stole this data, and also had access to the FF's e-mail address or ported their mobile numbers, and they weren't using an authenticator, and weren't stopped when iterating through 6 million accounts, sure.

I guess the issue is you only get to the SMS/authenticator verification after you've got the PIN. Getting that far in the process indicates you've guessed the PIN successfully.

I can't think of any 2FA being used when making requests via phone. Maybe it's different if you have the authenticator app installed, but for me it's only ever been FF#, pin, and then some quick verbal questions by the phone agent.

Again the importance of any one control can't be downplayed but shouldn't be exaggerated either.

Things will be fine until they aren't. Better to get ahead of it and make changes now.
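
An added illustration of two points raised in this thread, that a SIEM needs rules rather than raw logs and that low-volume guessing spread over many sources fades into the background (this is not part of any member's post and not Qantas code). The event format, outcome labels, source names and thresholds are all constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed events: (day, source, account, outcome). Outcomes are assumed labels:
# "ok", "pin_fail", "pin_ok_2fa_fail" (PIN accepted, second factor not completed).
def build_sample():
    events = []
    for day in (1, 2):
        for n in range(200):  # regular members: one usual source, occasional typo
            if n % 10 == 0:
                events.append((day, f"home-{n}", f"member{n}", "pin_fail"))
            events.append((day, f"home-{n}", f"member{n}", "ok"))
    for n in range(300):  # day 2: 300 sources, one attempt each, all different accounts
        outcome = "pin_ok_2fa_fail" if n % 25 == 0 else "pin_fail"
        events.append((2, f"oneoff-{n}", f"member{1000 + n}", outcome))
    return events

def noisy_sources(events, threshold=5):
    """Per-source rule: (day, source) pairs with >= threshold PIN failures."""
    fails = Counter((d, s) for d, s, _, o in events if o == "pin_fail")
    return {key for key, count in fails.items() if count >= threshold}

def single_shot_share(events):
    """Per day: share of sources whose only request that day did not succeed."""
    per_day = defaultdict(lambda: defaultdict(list))
    for d, s, _, o in events:
        per_day[d][s].append(o)
    return {d: sum(1 for outs in srcs.values() if len(outs) == 1 and outs[0] != "ok")
               / len(srcs) for d, srcs in per_day.items()}

def pin_ok_without_2fa(events):
    """Accounts whose PIN was accepted from a source with no completed login for them."""
    trusted = {(s, a) for _, s, a, o in events if o == "ok"}
    return sorted({a for _, s, a, o in events
                   if o == "pin_ok_2fa_fail" and (s, a) not in trusted})

if __name__ == "__main__":
    events = build_sample()
    print("per-source alerts:", noisy_sources(events))
    print("single-shot share by day:", single_shot_share(events))
    print("PIN accepted, 2FA not completed:", pin_ok_without_2fa(events))
```

On the constructed data the per-source threshold stays silent, while the population-level share and the "PIN accepted but second factor not completed" rule both stand out on day 2.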
 
They just pushed out another email, completely ignoring the incident.
Makes sense given it doesn't even rate an article on their front page. In fact, today's only articles appear to be -:
  1. Photos: inside Qantas’ newest jet, the A321XLR
  2. Travellers caught out by China’s powerbank battery ban
  3. The last Qantas A380 returns this year
:rolleyes:
 
It is on the home page of the website and the app:

[Attached image: 1751437853662.png]
 
Risk management in the investment committee is remarkably straightforward—just ignore it or bump it down the priority list. After all, what’s the worst that could happen? A sternly worded letter from the OAIC and a mildly uncomfortable public apology? Hardly worth losing sleep over when there are financial targets to hit and bonuses on the line.

Until Boards and Executives start facing personal financial consequences—actual, tangible punitive damages, performative risk management will remain BAU.

I've gone through many airline security assessments, and they're insane. Much more difficult than non-airlines.
One must remember that 'safety' is a subjective concept. There is no such thing as 'safe' or 'not safe'. There are only standards, procedures, policies, training, etc. Nothing is and will ever be 100%.

Unless you want a chip in your arm.
The government might try to sell that to you next.

2030 here we come!
 
I haven’t received an email from them yet either, not that it will tell me anything more than is in ABC news or elsewhere.

I’m hopeful I’ve got no email from them because my data wasn’t impacted by this. But it could also mean I’m in a different ‘impacted customer’ batch which will be sent a different email later…

Or perhaps because I’m based in the UK they may have to send something slightly different to comply with GDPR legislation?
 
