Flying Kangaroo Goes to Ground on Data Breach
The aviation industry is no stranger to turbulence, but when a major airline like Qantas suffers a data breach affecting millions of customers, it's a serious blow to the company's reputation. The latest incident has left many questioning why the CEO was nowhere to be seen in the face of such a critical issue.
Qantas executives were slow to respond after the data breach was announced, with CEO Vanessa Hudson taking two days to do a short interview with Channel Seven in Athens, just hours after the breach was made public. The airline's acting CEO was also unavailable for comment, and media requests went unanswered for reporters trying to get more information.
The breach, which affected up to 6 million Qantas customers, saw them receiving personalized emails from Hudson explaining that their personal data had been hacked. Some customers received a follow-up email the next day, confirming that their name, email address, phone number, and frequent flyer number were among those compromised.
The Scale of the Breach
While no financial details or passport numbers were involved in the breach, Qantas executives are concerned about the potential for more serious data to be used against customers. According to Hudson's initial letter, no ransom note has been received, but experts warn that even simple identity details can be used to devastating effect.
A Pattern of Hiding from Bad News
Qantas executives have taken a low-key approach to addressing the breach, which has raised eyebrows. The airline's attempt to reassure customers with a focus on financial and passport details not being compromised may seem like a positive move, but experts argue that hiding from bad news can come back to bite.
In other recent data breaches, executives have faced significant criticism for their handling of the situation. For example, Optus chief Kelly Bayer Rosmarin was forced out after initially minimizing the severity of the breach, while Medibank's CEO David Koczkar chose between quietly paying a hacker or going public and facing scorn.
The Trend Towards Outsourcing
One factor contributing to these breaches is the trend towards outsourcing key operations and sending jobs offshore. Corporations rely on their partners' cybersecurity, but this creates opportunities for cybercriminals. Bringing all functions in-house may not solve the issue, as many breaches have been caused by human error or a momentary lapse in judgment.
Cybercrime is Evolving
Cybercriminals are becoming increasingly sophisticated, employing social engineering techniques to deceive IT help desks into granting access. They use methods to bypass multi-factor authentication, such as convincing help desk services to add unauthorized MFA devices to compromised accounts.
The Qantas Response
While Qantas executives have maintained a low profile so far, it's unclear how long this will continue. The airline's share price has remained relatively stable, and there has been little criticism of the company or its executives. However, hiding from bad news can come back to bite. Only time will tell if Hudson's strategy will pay off in the long run.