Hackers threaten Australian airlines and dump customer records online

The hacking group behind dozens of Salesforce-related compromises has published more than 150 gb of Qantas customer data to leak sites on both its dark-net leak site and one hurriedly published to the clear web in the wake of an FBI takedown of its previous clear-web leak site.

The date of publication was delayed several times, and messages exchanged on the group’s Telegram channel suggested some confusion among the hackers.

“Hate to bring down thousands or more people waiting on these leaks that is approaching very soon, we are currently re-conducting the selection process of companies that’ll be leaked. I am the one doing it due to more than half of the group currently in their beds snoring. Unfortunately, someone higher up flagged certain things a few minutes ago, and without approvals I cannot proceed further without receiving sign-offs,” one member of the group wrote shortly before the leak was to go live.

“For this reason, we have decided the best case scenario is that we delay the leaks for a bit longer. The data of companies will still be leaked, October 11th.”

Sure enough, the data was published, though at first the dark-net site appeared to be down due to a large amount of traffic, forcing at least one outburst that was soon deleted. Not long after, the hackers shared a clear-web site hosting the leaks; the dark-net site remains down as of the time of writing.

An injunction prevents Australian Aviation’s sister brand, Cyber Daily, from accessing or sharing details of the leaked data, but Scattered LAPSUS$ Hunters claims it consists of more than 5 million customer records, adding up to a total volume of 153 gigabytes.

VIEW ALL

Qantas was one of six companies whose data was leaked on Saturday, alongside Vietnam Airlines, Albertsons Companies, GAP, Fujifilm, and Engie Resources.

Soon after publication, Scattered LAPSUS$ Hunters posted a screen singling out Australia on its Telegram channel.

“Australia, I really hope for the love of god you’ve learned your lesson this time. When me and shanty dumped Optus a few years back we gave you multiple chances to comply with us. Australia government please get rid of the AFP or revamp the AFP. They are filled with ego and pride, so is the government of Australia itself,” a spokesperson for the group said.

“Change your laws, change your policies, change something, we will endlessly attack you till you eventually rewrite your own rules, go against what your government has stated it would never do, drop you ego and pride and comply with us in the future.”

Scattered LAPSUS$ Hunters added that Australia was one of five companies it was focusing its efforts on, alongside the United States of America, the United Kingdom, Canada, and France.

The hackers also called out several security analysts and companies, before promising further activity in the future.

“At this point, any and all corporations in the world should, by default, consider us real threat. To yourself, your company, critical infrastructure, and to INTERNATIONAL security,” the spokesperson said.

“We will never stop, see you all in 2026.”