QANTAS Cyber Incident

[bussyboy]

Finally received email #3. Missed a few options from my bingo card...

View attachment 457002

I've some ideas
Data point #1 - wine preferences (qf wine data)
Data point #2 - annual credit card spend (from qff point earn transactions)

 

[Be.au]

How did you know someone was trying to port your number?

My phone kept claiming that it didn't have a SIM card randomly a number of times today (while actively using said SIM card). It did the same thing last Friday as well, but not as frequently.
Not sure if it's someone trying to steal the number or because the SIM card is fairly old.

You'll have received an SMS from the carrier trying to gain your number, with a one time code - some carriers will ask you to repeat this to them over the phone, enter it into a website, or send an SMS with the one time code.

This helps verify that you actually have access to the number and it's not being fraudulently ported solely based on (potentially) leaked information.

Might be worth getting the SIM card swapped with a new one or swap to an eSIM as it sounds like it may be on the way out if your phone thinks one isn't installed.

 

[DejaBrew]

I've some ideas
Data point #1 - wine preferences (qf wine data)
Data point #2 - annual credit card spend (from qff point earn transactions)

Done! (for others playing at home)

 

[albatross710]

Here is an example of how communications have to change. The emails we've received from qantas all now include a header with information which implies the email is authentically from Qantas. QFF, Points, SC, level. That used to be reliable until all of the information in the header has now been released. So the bad actors with this information could now replicate a very authenticate mail header with valid data. We can't even believe emails come from Qantas

 

[MELso]

Here is an example of how communications have to change. The emails we've received from qantas all now include a header with information which implies the email is authentically from Qantas. QFF, Points, SC, level. That used to be reliable until all of the information in the header has now been released. So the bad actors with this information could now replicate a very authenticate mail header with valid data. We can't even believe emails come from Qantas

View attachment 457004

Well, the likelihood of your points and SC balance being similar to the amount at the time of the hack are remote.

Having said that, Qantas could help ensure we could easily detect phishing attempts by giving us each 20,000 Qantas points and 200 SCs so that the amounts would clearly differ from the hacked amounts...

 

[Flyfrequently]

Today's data breach field tally is 11.

But can anyone top the 16 as per @DejaBrew post #1023 ?

 

[RB001]

giving us each 20,000 Qantas points and 200 SCs

You're not on 1,200 SC, perchance?

 

[Be.au]

https://www.qantas.com/au/en/frequent-flyer/my-account/profile/cyber-incident-review.html

Now up in the QFF section of the website.

As mentioned earlier by others, it is just the types of data and not the actual data as I had hoped.

 

[MELso]

You're not on 1,200 SC, perchance?

I should have been more ambitious in my demands - 700SCs for all I say!

 

[albatross710]

Well, the likelihood of your points and SC balance being similar to the amount at the time of the hack are remote.

Why so? For many people they may not fly regularly with qantas. My last activity with them was 9 months ago. If the data in the email header is 'close enough' that's enough to get irregular fliers reading the [scam] emails. But there is certainly a window of opportunity. I guess the best this the scam email can do is to include a verification link for you to log into the 'Qantas' scam site.

But if we know the there was credible knowledge that airlines were specifically being targeted in the previous week, then also expect an immediate plan to profit from that data. (there is no point in targeting airlines if you don't have a profit plan. (I think that is what good thieves do, steal to order.)

 

[Cloud9]

In light of what has come out so far about the Qantas data "leak" via Manila giving out credentials over the phone, simple question.

Is it time to start a class action? This is negligence. And if the employee claims vicarious liability, then responsibility has to land on Qantas.

Anyone game for a fight with Hudson and the goblins?

 

[justinbrett]

I got the group of 10 email.

Jokes on them, my profile data is years out of date!

 

[MELso]

Why so?

Because, for good or ill, Qantas points are everywhere. BP, Hoyts, Woolworths and many others mean people will have a decent trickle of points.

There will doubtless be a contingent of people who don't earn regularly, but plenty of people do, and this means a hacker won't be able to reliably get on the phone and say 'are you blah with x frequent flyer number, y points and z SCs?' It's not like a phone number or email that is likely to stay fixed over time.

 

[Princess Fiona]

I got the group of 10 email.

Jokes on them, my profile data is years out of date!

I got the same 10 in my email.
One daughter has 6/10 and the other doesn’t yet have an email.

 

[Point Ventures]

Just received 2nd email minutes apart from the 1st, to the same email address. Second one doesn’t have FF banner and is from a different email address to the 1st email.

 

[I love to travel]

In light of what has come out so far about the Qantas data "leak" via Manila giving out credentials over the phone, simple question.

Is it time to start a class action? This is negligence. And if the employee claims vicarious liability, then responsibility has to land on Qantas.

Anyone game for a fight with Hudson and the goblins?

Date of birth can cause real damage so there may be a reasonable chance of getting one up.

 

[Austman]

Would it need monetary losses?

Usually when making a claim against a person or an entity, you need to demonstrate monetary losses.

 

[DejaBrew]

Just received 2nd email minutes apart from the 1st, to the same email address. Second one doesn’t have FF banner and is from a different email address to the 1st email. View attachment 457019

Same here. It also suggests I've had only 3 data points breached....

 

[Be.au]

I got the same 10 in my email.
One daughter has 6/10 and the other doesn’t yet have an email.

Does anything show after logging into QFF, by any chance, without having received the email?

Post in thread 'QANTAS Cyber Incident'

Yesterday at 9:16 PM

https://www.qantas.com/au/en/frequent-flyer/my-account/profile/cyber-incident-review.html

Now up in the QFF section of the website.

As mentioned earlier by others, it is just the types of data and not the actual data as I had hoped.

• Be.au

• 

 

[AIRwin]

Just received 2nd email minutes apart from the 1st, to the same email address. Second one doesn’t have FF banner and is from a different email address to the 1st email.

Similarly, earlier email from Qantas Frequent Flyer ("Dear AIRwin") has the Frequent Flyer banner and a longer list of data types than the later email from Qantas Airways Ltd ("Dear Qantas Customer") from a different address over an hour later