Scattered Spider
Scattered Spider
Scattered Spider, also referred to as UNC3944, is a hacking group mostly made up of teens and young adults believed to live in the United States and the United Kingdom.
The group gained notoriety for their involvement in the hacking and extortion of Caesars Entertainment and MGM Resorts International, two of the largest casino and gambling companies in the United States. Scattered Spider has also targeted Visa, Marks & Spencer, PNC Financial Services Group Inc., Transamerica, New York Life Insurance Co., Synchrony Financial, Truist Bank, and Twilio. More recently, members of Scattered Spider have been connected with the hacks against Snowflake cloud storage customers in the US.
Qantas hack
What caused the Qantas cyber-attack?
Qantas has said a cybercriminal targeted a call centre and gained access to a third-party system that held customer information.
The company detected the unusual activity on Monday and shut it down, but believes a “significant” amount of the personal information of customers may have been taken.
The alleged culprit of the attack has yet to be identified, but shares similarities with a ransomware group known as Scattered Spider. The group has targeted airlines in the US in recent weeks by calling the IT support for large companies, often impersonating employees or contractors to deceive IT help desks into granting access, and bypassing multi-factor authentication (MFA).
What was taken in the Qantas data breach?
Qantas is still investigating the amount of data taken but believes it includes:
- Names
- Email addresses
- Phone numbers
- Dates of birth
- Frequent flyer numbers
The airline has said the breach did not include credit card details, personal financial information or passport details, as this information was not held by the system.
The airline said no frequent flyer accounts were compromised, and passwords, pins and log-in details have not been accessed.