A knowledge breach at Qantas through a third-party service is typical of the Scattered Spider assault group, consultants say.
“Qantas’ cyber breach bears the hallmarks of Scattered Spider, the identical group behind latest assaults on Hawaiian Airways, WestJet, and Marks & Spencer — seemingly by means of compromising a third-party SaaS platform like Salesforce or Zendesk,” Toby Lewis, world head of menace evaluation at Darktrace mentioned on Wednesday. “The assault follows their typical playbook,” he mentioned.
Qantas alerted prospects to the breach Wednesday, saying, “On Monday 30 June 2025, we detected uncommon exercise on a third-party platform utilized by a Qantas airline contact centre. We then took quick steps and contained the incident.” Its personal methods stay safe, it mentioned, and though stolen information included “some prospects’ names, e-mail addresses, telephone numbers, beginning dates, and Frequent Flyer numbers,” no Frequent Flyer accounts have been compromised, and no passwords or log-in particulars have been accessed. The affected system, which it didn’t determine, contained no bank card particulars, private monetary data, or passport particulars.
