QANTAS Cyber Incident

[Laptop Jockey]

Has anyone actually registered for the class action

Yes (ironically required providing most of the data that was stolen from Qantas in the hack )

I don't expect any money, but we need companies to be accountable, especially for mandated over-collection of personal data for the express purpose of monetization.
Qantas' poor cyber security practises have been known for years in the industry, the biggest surprise is it took this long.
Between Qantas, Optus and NIB there probably aren't many working-age Australians that haven't been impacted by just these three incidents alone.

 

[SYD]

Yes (ironically required providing most of the data that was stolen from Qantas in the hack )

But you did anyway?

I don't expect any money, but we need companies to be accountable, especially for mandated over-collection of personal data for the express purpose of monetization.

Unless someone can prove loss directly from the hack, no one will see a cent other than the lawyers taking in the CA….

Qantas' poor cyber security practises have been known for years in the industry, the biggest surprise is it took this long.

The hackers actually used weakness in the Salesforce client - if anyone should be taking out class actions, it ought to be against Salesforce (and the 40 odd companies hacked the same way).

Between Qantas, Optus and NIB there probably aren't many working-age Australians that haven't been impacted by just these three incidents alone.

Yep. Unfortunately more to come….

 

[elanshin]

I think one thing people keep forgetting is that regardless of company or system, the weakest point is always us humans and if we are to look at history, we can see that there aren't very many things that can't be cracked open through the people.

As AI usage and sophistication increases, we're just going to see more and more breeches. It's completely possible to replicate someones voice and mannerisms with very short voice samples within seconds these days. I wouldn't be surprised if people could make AI video calls shortly too.

 

[Dvg]

Thanks. I didn't connect those dots. I think such action is shameful. Publishing actual personal data - of course. But 'banning' publication of information about whether that data has been used, is treating us with contempt.

How unusual of Qantas to treat us with contempt…….

 

[odysseus]

The hackers actually used weakness in the Salesforce client - if anyone should be taking out class actions, it ought to be against Salesforce (and the 40 odd companies hacked the same way).

It wasn't weakness in that software - as indeed, not all customers were 'hacked'.

They just utilised that software, in the same way scammers of old used to target if you had a Telstra account, or called you about "your Windows" or Westpac, or Australia Post and so on. If you then give them the keys to those accounts, they will then exploit what you gave them, in a similar way to what happened here.

 

[SYD]

It wasn't weakness in that software - as indeed, not all customers were 'hacked'.

They just utilised that software, in the same way scammers of old used to target if you had a Telstra account, or called you about "your Windows" or Westpac, or Australia Post and so on. If you then give them the keys to those accounts, they will then exploit what you gave them, in a similar way to what happened here.

Exactly. They knew how to get those keys to a common platform….