Qantas customer data leaked by hackers after ransomware attack
Date:
Mon, 13 Oct 2025 08:56:37 +0000
Description:
Scattered Lapsus$ Hunters leaked files on the dark web after negotiations broke down.
FULL STORY ======================================================================Hackers reportedly leaked data of 5 million Qantas customers after failed extortion attempt Attackers exploited Salesloft-Salesforce integrations to access and steal customer data 44 companies were affected, including Disney, Toyota, McDonalds, and Vietnam Airlines
Australias biggest airline, Qantas, is one of 44 companies whose sensitive customer data ended up on the dark web. Now, numerous cybercriminals have
easy access to contact and flight information on millions of people, which they can use for phishing, identity theft, fraud, and other attacks.
Last summer, a group of hackers going by the name Scattered Lapsus$ Hunters broke into Salesforce accounts belonging to hundreds of organizations in different industries - although Salesforce itself was not breached.
The attackers compromised Salesloft accounts that were integrated with Salesforce and exploited the linked API tokens and OAuth connections to pivot into Salesforce environments and exfiltrate customer data. "Don't be the next headline"
The group tried to extort Qantas for money, offering to delete the stolen files in exchange. The airline, however, refused to even discuss the matter with the attackers, telling Guardian Australia it will not engage, negotiate with, or pay any extortion demand.
In response, Scattered Lapsus$ Hunters released the stolen files on the dark web. The archive includes personal records of 5 million Qantas customers, including peoples names, email addresses, phone numbers, birth dates, and frequent flyer numbers. Credit card details, financial information, and passport details weren't stolen, it was said.
Dont be the next headline, should have paid the ransom , the group posted on its data leak site.
But apparently, Qantas is not the only company whose data was leaked in this wave. Citing analysts at cybersecurity outfit Intel 471, the Guardian
reported that 44 companies were included in the leak, and among them are Gap, Vietnam Airlines, Toyota, Disney, McDonalds, Ikea, and Adidas.
Scattered Lapsus$ Hunters is a group comprising members of Scattered Spider, Lapsus$, and ShinyHunters. Soon after the Salesloft/Salesforce breach, they announced going dark, which the cybersecurity community interpreted as fear
of too much publicity. Obviously, it didnt last long.
Via The Guardian
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too. You might also like Salesforce platforms are being cracked open for data theft - FBI warns of UNC6040 and UNC6395 IOCs Take a look at our guide to the best authenticator app We've rounded up the best password managers
======================================================================
Link to news story:
https://www.techradar.com/pro/security/qantas-customer-data-leaked-by-hackers- after-ransomware-attack
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)