QANTAS Cyber Incident

[dylarr]

I think we need to drop the rhetoric about offshoring. This type of stuff can and has happened here in Australia and just about everywhere in the world.

I agree with this. There's also the human element here too - I do genuinely hope the agent targeted by these sophisticated criminals during the course of work is getting the support they need.

 

[Vincimus]

That's true - any low paid worker can be targeted - the $$ offered is relative to the country. Which is why they target the 'lowest paid' country first.
If you were a hacker, why try all the challenges to a 'secure' cyber system - much easier to find a disgruntled / aggrieved / underpaid employee...

 

[kevrosmith]

I don't think people should discount different cultural work practices, expectations and pressures in this instance. Some cultures in some countries do default to a more pressured "submissive" culture - trying to please, trying not to upset, trying to make sure the 1 million other citizens don't take your job, different (more comparatively brutal) hire/fire work practices etc. - and so to hear it might be a vishing (voice phishing) attack where (I can imagine a scenario) a staff member may have been pressured/duped into providing information would make sense in such a cultural work context.

I think it's fine to consider that different countries do have different work cultures and expectations without it degenerating to a "racist" motivation.

 

[Trekky1]

I got my email last night as well. I vaguely remember calling Q in 2023 to cancel a flight.

 

[Daver6]

If it was Salesforce (Qantas use Salesforce extensively across the group but haven't confirmed if this was the system involved in this breach), you can configure trusted IP ranges which would go a long way towards preventing these kinds of attacks - so hopefully where available these types of controls are being used.

https://help.salesforce.com/s/articleView?id=platform.login_ip_ranges.htm&type=5

You're assuming that the attacker access it the system remotely. How do you know that the attacker wasn't already inside the network? Blocking IPs wouldn't have helped at all in that scenario.

Not picking on anyone, but the amount of arm chair experts who seem to think if just a certain one thing was done, it wouldn't have happened. Given there is no information on how the breach actually occurred everyone is just wildly speculating.

I also find it ironic at how aggrieved everyone is with QF about this. I'm going to go out on a limb and suggest most people's own cyber security is far from where it should be.

 

[Fifi2207]

Nah I’d prefer an upgrade to first class on every flight for the next year thanks.


Interesting that is 6 million and Manila so those who’ve not been dealing with Manila are fine. I’d love to know how long that goes back time wise as well!

I’ve been a member since 2000 and WP most of this time. I cannot knowingly recall speaking to Manila Call Centre but I’m affected according to second email received from Qantas.

 

[Vincimus]

Just saying that if you think, (from an Australian 'relatively rich' perspective) you can speak that others won't take a life changing amount of money you may not have been in that world. I have, I know what can be bought and sold. It's all very sad, and I'd wish it otherwise, but the cold fact is it is done. Disgruntled / underappreciated employees exist everywhere - Australia is no different. But our people have more to lose than gain by betrayal. Others unfortunately are in the other camp. Again no judgement. It just is.

 

[DC3]

Not really worrying too much about QF, because how many overseas hotels have had access to my passport details, cc, phone number, email address, home/postal address, etc, etc ……?

 

[Himeno]

Not really worrying too much about QF, because how many overseas hotels have had access to my passport details, cc, phone number, email address, home/postal address, etc, etc ……?

I agree, from what they have said thus far, it seems that everything that was acquired in this "breech" is data that is likely already out there.

Assuming the acquired data is only what has been stated, it doesn't seem that it will have much impact, provided people pay attention to what they are doing and not just blindly click on random email links or answer/call random numbers.

 

[justinbrett]

Just saying that if you think, (from an Australian 'relatively rich' perspective) you can speak that others won't take a life changing amount of money you may not have been in that world. I have, I know what can be bought and sold. It's all very sad, and I'd wish it otherwise, but the cold fact is it is done. Disgruntled / underappreciated employees exist everywhere - Australia is no different. But our people have more to lose than gain by betrayal. Others unfortunately are in the other camp. Again no judgement. It just is.

This kind of thing happens all the time in wealthy countries like Australia. Just google embezzlement.

If you ever want to hold an Australian security clearance you have to undergo an intrusive financial background check to see if you would have motive to accept bribes.

 

[Princess Fiona]

Just to clarify.
6 million people affected according to QF.
Nothing to do with having called an offshore call centre or not.
Nothing to do with whether it was in the Philippines or anywhere else.

If you have a QFF account (15 million people worldwide do) then there is a decent chance that you are affected by this.

 

[Vincimus]

I guess the question is why this is tagged to the Philippines CC?

But also agree with a previous poster, we probably have similar exposure to any loyalty programme that has 'off-shore' call centres with access to the customer DB.

 

[Daver6]

This kind of thing happens all the time in wealthy countries like Australia. Just google embezzlement.

If you ever want to hold an Australian security clearance you have to undergo an intrusive financial background check to see if you would have motive to accept bribes.

Heck....what about say people who make decisions about protecting an airline being given CL membership but said airline

 

[justinbrett]

I guess the question is why this is tagged to the Philippines CC?

Because that’s where the breach occurred. It was a third party call centre system, not a QF system.

 

[Vincimus]

but somebody earlier in this thread challenged that. What is the truth and how do we ensure that?

 

[TheInsider]

Just a heads up for everyone else caught up in the hack. I just received an email offer from Qantas for a $99.50 credit on a NAB cc. Click on the "Claim Now" button. Very slick email, my FF status etc was noted. So its started.

""From the email.
How to Claim Your Gift:

• Click on "Claim Now" to begin.
• Follow the simple 3-step process to redeem your coupon.

Things to Know Before You Start:

• This gift coupon can be redeemed only once. Please do not share the link with others.
• You will need to verify your billing address.
• Choose your preferred method for redeeming the coupon.
• Complete SMS Verification to confirm your payment details.
• The coupon balance will be reflected on your statement within 24 business hours.

This email has been happening for quite a while tbh

 

[DejaBrew]

Not picking on anyone, but the amount of arm chair experts who seem to think if just a certain one thing was done, it wouldn't have happened.

“Try this one trick hackers don’t want you to know to prevent any data breach”

 

[RooFlyer]

I also find it ironic at how aggrieved everyone is with QF about this. I'm going to go out on a limb and suggest most people's own cyber security is far from where it should be.

You are dead right in respect of my cyber security; but then I'm not holding 6 million people's DoBs etc. And if I did, it would probably be stored in ring binders in my garage. Probably a more secure there?? I'd like to see the pitch on the dark web. "For sale - 1,000 A4 ring binders with info that's already out there. Send your truck to ...."

Not yours, but I find the argument 'oh, the data is already out there somewhere, nothing to see here' quite risible.

 

[justinbrett]

Some boffin on ABC says it’s likely QF will get a ransom offer

 

[cove]

Now that we have sold our business we don’t answer calls from unknown international sources. The Australian Government don’t want hackers to get paid ransom money. Our business had insurance cover but didn’t get get hacked.