The Same Cyberhacking Group Breached 3 Airlines In 3 Weeks
In the past three weeks, the same hacker group has breached three global airlines—WestJet, Hawaiian ... More Airlines and Qantas. getty
WestJet reported a cybersecurity incident beginning June 13, affecting internal systems and potentially customer access to its app and website.
On June 27, the FBI warned it has observed 'the cybercriminal group Scattered Spider expanding its targeting to include the airline sector' and that 'anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk.'
Charles Carmakal, chief technology officer of Mandiant, a cybersecurity firm and a subsidiary of Google, wrote on Linkedin of 'multiple incidents in the airline and transportation sector" resembling Scattered Spider's tactics, suggesting other airlines may have been targeted.
Qantas Airlines, Australia's flagship carrier, reported Wednesday that a cyber incident had occurred Monday in one of its contact centers that exposed data for as many as 6 million customers.Multiple news outlets reported last week that Delta Air Lines locked access to some customers' SkyMiles frequent flier accounts—but the airline confirmed to Forbes the actions were precautionary and 'not the result of any breach of Delta or vendor systems.'
Scattered Spider is a loose community of hackers that has been credited with many high-profile cyberattacks in recent years, including the 2023 ransomware attacks on MGM Resorts and Caesars Entertainment and, more recently, against the British retailer Marks & Spencer and the insurance company Aflac. The group is primarily composed of young adults and some teenagers, mainly native English speakers based in the United States, Canada and the United Kingdom, Carmakal told Forbes. The group is best known for using sophisticated social engineering tactics like phishing, SIM swapping and impersonation to bypass multi-factor authentication security processes. 'Something they do probably better than any other group out there is social engineering, and a big part of that success is the Western accent,' Carmakal said. 'When they pretend to be a 24-year-old employee at a company in the United States or the United Kingdom, they sound credible because they're 24 years old and they're based in the United States or the United Kingdom.' Once they've infiltrated a company's system, a hacker group may not reveal itself immediately, Alex Waintraub, a cyber crisis management expert at CYGNVS who has worked on hundreds of ransom cases, told Forbes. 'In a lot of cases, they'll move laterally and search for a cyber insurance plan or an incident response plan or a breakdown of the company's financials as a way of assessing their demand.' The goal is to arrive at the highest number that the company would be willing to pay in return for the hackers returning stolen information. 'I don't want to say there's honor amongst thieves because that gives them a little too much credit,' Carmakal said. 'But I think these groups understand the business model, and they're going to comply with the business model so that they can continue to make money. And that model requires them to stay true to their word.' Why Are Airlines Being Targeted In Cyber Attacks?
'Aviation is data rich and companies often have older legacy systems that are interconnected with a bunch of third-party platforms,' Waintraub said. 'They have massive troves of personal data and loyalty program data and travel information, and that makes them a nice target.' One possibility for the timing, suggested Carmakal, is simply that it's peak travel season with a holiday weekend coming up. 'These threat actors are not just motivated by money,' he said. 'They do like the ego. They like being able to brag to their friends and say that they are responsible for this news story or this outage.' Scattered Spider's modus operandi has been to swoop into a sector and select multiple targets before moving on. 'They tend to stick with that sector for a few weeks and go after big organizations,' Carmakal said. 'It doesn't have to be the biggest.'
Carmakal said he's aware of 'a number of airlines' that have made changes in an effort to block Scattered Spider from compromising their systems. 'It might be a little bit more painful for employees to take certain actions like resetting passwords,' he said. 'People are taking the threat very seriously. You know, when you see a particular threat actor basically rinse and repeat over and over again across multiple victims in the same sector, people take notice.' What We Don't Know
Which other airlines, if any, have been attacked. 'Pretty much every North American airline is on high alert because they've heard the warning,' Carmakal said. 'You usually see disclosures happen weeks after the fact—but not every company has to disclose. It depends on how far the attacker went. Victim organizations may not yet have gotten to the point in their investigation that they know if data was stolen.' Should Consumers Be Worried That Their Personal Data Was Exposed?
'Consumers are generally protected by the major financial institutions if credit card numbers are exposed,' Carmakal said. If a credit card number is used by a bad actor, for example, 'you're going to get a new credit card and you're not going to be liable for any fraudulent purchases.' He says identity theft is harder to protect against and acknowledges that 'Social Security numbers have been stolen so many times and are generally available to any threat actor that wants to have access to them.' As a general common-sense precaution, he recommends freezing your credit with the three major U.S. credit bureaus (Equifax, Experian and TransUnion) to prevent anyone from taking out credit in your name. Further Reading
Inside The Ransomware Attack That Shut Down MGM Resorts (Forbes)
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Insider
29 minutes ago
- Business Insider
African countries without a functional national airline as of June 2025
Most of us can name a few national airlines without even thinking. Emirates instantly brings the UAE to mind, and Qantas proudly flies as 'The Spirit of Australia. These national carriers are symbols of national pride, identity, and ambition. National airlines serve as symbols of national identity and play key roles in improving tourism, employment, and trade. Several African countries, including Nigeria, currently lack a functional national airline despite potential benefits. Some African nations, such as Ethiopia and Rwanda, have achieved success and growth with their flag carriers. Emirates instantly brings the UAE to mind, and Qantas proudly flies as 'The Spirit of Australia. These national carriers are symbols of national pride, identity, and ambition. But while many countries have them, some African countries are still without a functional national airline. A national airline often plays a critical role in connecting people, driving tourism, creating jobs, and boosting trade. Especially for landlocked or tourism-dependent countries, having a flag carrier can mean the difference between economic isolation and opportunity. However, years of underfunding, political interference, corruption, and poor infrastructure have grounded many national carrier dreams before they could take flight. Some national airlines have collapsed under the weight of debt. Others have been lost in a tangle of bureaucracy or ended up as cautionary tales of mismanagement. Take Nigeria, for example. It's the most populous country in Africa, huge market, and massive potential. And yet, it currently has no national airline. From 1958 to 2003, Nigeria Airways proudly carried the flag. It had everything from Boeing 737s and 747s to Airbus A310s. But after decades of financial trouble, the airline was grounded for good. Since then, Nigeria has tried, again and again, to launch a new national carrier. By some counts, there've been at least 11 attempts. The most recent, Nigeria Air, even got as far as unveiling branding and aircraft. But like those before it, the project has stalled, caught in a web of political wrangling and public scepticism. Below are the African countries without a functional national airline as of June 2025: In contrast, several African nations are reviving or expanding their flag carriers. Ethiopia's state-owned Ethiopian Airlines remains a model of success. Countries like Rwanda (RwandAir), Tanzania (Air Tanzania), and Egypt (EgyptAir) continue to invest in their national fleets.
Associated Press
29 minutes ago
- Associated Press
Amber International Accelerates Crypto Reserve Strategy with Recently Announced $25.5 Million Private Placement Backed by Leading Global Investors
Institutions Subscribe at US$10.45 per ADS, Demonstrating Strong Investor Confidence SINGAPORE, July 3, 2025 /PRNewswire/ -- Amber International Holding Limited (Nasdaq: AMBR) ('Amber International', or the 'Company'), a leading provider of institutional crypto financial services & solutions and operating under the brand name 'Amber Premium', today announced continued progress on its $100 million Crypto Ecosystem Reserve Strategy, enhanced by proceeds from a recently announced $25.5 million private placement. Participating institutional investors subscribed at a price of US$10.45 per American Depositary Share (ADS), determined based on a 5% discount to the 3-day volume-weighted average price (VWAP) of AMBR's ADSs on Nasdaq between June 25 and June 27, 2025. This corresponds to US$2.09 per Class A ordinary share, based on the 5:1 ratio of Class A ordinary shares to ADSs. The private placement involved the issuance of 12,200,915 Class A ordinary shares—equivalent to 2,440,183 ADSs—and was supported by a distinguished group of institutional investors including CMAG Funds, Mile Green, Pantera Capital, Choco Up, Kingkey Financial International (Holdings) Limited ( and other prominent investors. Proceeds from the private placement will be strategically used to enhance Amber International's $100 million Crypto Reserve initiative, which is designed to support long-term ecosystem alignment and product innovation. Since the strategy's announcement earlier this year, the reserve has been allocated toward major digital assets including Bitcoin (BTC), Ethereum (ETH), and Solana (SOL), with ongoing deployment into Binance Coin (BNB), Ripple (XRP), and Sui (SUI). The Company is uniquely positioned to leverage its Ecosystem Reserve to support innovative projects on these blockchains, delivering differentiated products and services to institutional clients. The Reserve will further empower the Company to remain at the forefront of blockchain innovation in areas such as Real World Assets (RWA) and AgentFi, strengthening its leadership in the next wave of Web3 financial infrastructure. About Amber International Holding Limited Amber International Holding Limited (Nasdaq: AMBR), operating under the brand name 'Amber Premium', is a leading provider of institutional crypto financial services and solutions. A subsidiary of Amber Group, Amber Premium delivers institutional-grade market access, execution infrastructure, and investment solutions to help institutions and high-net-worth individuals optimize their digital asset portfolios. The firm offers a regulated, scalable financial ecosystem powered by proprietary blockchain and financial technologies, AI-driven risk management, and quantitative algorithms across CeFi, DeFi, and OTC markets. Learn more at Safe Harbor Statement This announcement contains forward-looking statements within the meaning of the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. All statements other than statements of historical fact in this announcement are forward-looking statements. These forward-looking statements are inherently uncertain, and shareholders and other potential investors must recognize that actual results may differ materially from the expectations as a result of a variety of factors. Such forward-looking statements are based upon management's current expectations and include known and unknown risks, uncertainties and other factors, many of which are hard to predict or control, that may cause the actual results, performance, or plans to differ materially from any future results, performance or plans expressed or implied by such forward-looking statements. Such risks and uncertainties include, but are not limited to: (i) the risk that the Company may not obtain the regulatory approval in relation to DWM Asset Restructuring in a timely manner or at all and may need to continue relying on the intercompany service agreements to receive the economic benefits of the WFTL Assigned Contracts; (ii) risks related to the performance of the amendment, waiver and framework agreement, including the expected timing and likelihood of receipt of the regulatory approvals contemplated therein; (iii) the risk that the Company's business lines are nascent, not fully proven by market and subject to material legal, regulatory, operational, reputational, tax and other risks in the jurisdictions where it operates; (iv) the risk of declining prices of digital assets and reduced transaction volumes conducted by the Company; (v) regulatory and market risks related to cryptocurrencies and digital assets and in the jurisdictions where the Company operates; (vi) risks related to fluctuations in the market price of bitcoin and any associated unrealized gains or losses on the digital assets that the Company may record in its financial statements as a result of a change in the market price of bitcoin from the value at which the Company's bitcoins are carried on its balance sheet, as well as commercial, legal, regulatory, accounting and technical uncertainties associated with the Company's crypto holdings; (vii) a decrease in liquidity in the markets in which the cryptocurrencies and digital assets are traded; and (viii) the impact of the availability of spot exchange traded products and other investment vehicles for digital assets. Further information regarding these and other risks is included in the Company's annual report on Form 20-F and other filings with the SEC. Investors can identify these forward-looking statements by words or phrases such as 'may,' 'will,' 'expect,' 'anticipate,' 'aim,' 'estimate,' 'intend,' 'plan,' 'believe,' 'potential,' continue,' 'is/are likely to' or other similar expressions. The Company undertakes no obligation to update forward-looking statements to reflect subsequent occurring events or circumstances, or changes in its expectations, except as may be required by law. Although the Company believes that the expectations expressed in these forward-looking statements are reasonable, it cannot assure you that such expectations will turn out to be correct, and the Company cautions investors that actual results may differ materially from the anticipated results. Media & Investor Contacts In Asia: Amber International Holding Limited Serena Wang Phone: +65 6022 0228 E-mail: [email protected] | [email protected] | [email protected] In the United States: International Elite Capital Inc. Annabelle Zhang Tel: +1 (646) 866-7928 E-mail: [email protected] View original content to download multimedia: SOURCE Amber International Holding Limited
Forbes
38 minutes ago
- Forbes
Why CEOs Really Do Need To Be Customer Zero
Dennis Kozak is the Chief Executive Officer at Ivanti, responsible for the company's overall strategic direction and growth. A colleague once brilliantly suggested staying in your own guestroom for a night to see what your guests really experience. After all, a nice mattress gets overshadowed quickly if car headlights keep waking you up—and you wouldn't know that if you didn't sleep there. Being Customer Zero is the equivalent of sleeping in your guest room every night. My first week as CEO, I didn't need to get briefed on our products because I lived in them. I insisted our IT team set me up with the same experience our customers have—not a special executive version, not a sanitized demo, but the real thing. That decision revealed more about our business than a hundred PowerPoint presentations ever could. But too many tech leaders remain disconnected from the day-to-day reality of using their own solutions. They see polished demos and curated metrics but miss the friction points that frustrate actual users. CEOs as Customer Zero is not a marketing stunt. It's not a charming talking point. It's a necessity for effective leadership and operations. Establishing A Real Ownership Mentality Throughout my career, I've distinguished between what I call owner mentality versus renter mentality. Renters make decisions based on short-term convenience. Owners invest in understanding every aspect of their property because they're committed to its long-term value. Customer Zero cultivates this ownership mentality throughout the organization. When your marketing team struggles with the same UX issues your customers face, those "minor bugs" suddenly become urgent priorities. When your sales team relies on your security solutions to protect sensitive deals, product promises transform into personal commitments. What Being Customer Zero Looks Like In Practice At my company, we put this approach to the test during extraordinary circumstances. When we rapidly grew to 3,200 employees through several strategic acquisitions, we faced exactly the kind of challenges our customers deal with: We remotely managed and provisioned around 3,000 devices globally while deprovisioning approximately 2,000 devices—all during peak pandemic disruption. Our team generated over 22,000 tickets on our platform, with automatic resolution and self-help functionality reclaiming substantial bandwidth for our IT support team. We implemented our own DevSecOps processes, scanning our code for vulnerabilities and prioritizing critical security issues—the same workflow we recommend to customers. The results weren't always comfortable, but they were invaluable. Our teams delivered unfiltered, candid feedback about functionality and user experience. We made changes accordingly, often discovering issues no focus group would have uncovered. How Being Customer Zero Drives Transformation Being Customer Zero drives three critical transformations: Like many of our customers, our company has on-premises products moving to the cloud. By experiencing this migration firsthand, we get immediate feedback on gaps between these environments. When you acquire different solutions with varying technology stacks, integration becomes critical. Our Customer Zero program evaluates these integrations through day-to-day use, testing both single-pane-of-glass management and API functionality. Nothing builds credibility like saying, "We rely on this so heavily that our business would collapse without it." Customer Zero creates authentic conviction in both sales teams and customers. How To Become Customer Zero For Your Own Company If you're considering implementing your own Customer Zero initiative, start with these practical approaches: • Champion universal adoption at the executive level. • Create formal feedback channels between internal users and development. • Measure and track internal usage metrics as seriously as customer metrics. • Document both successes and pain points for transparent customer conversations. • Prioritize internal user experience issues in your development backlogs. The most crucial element? Commitment to authenticity. If your team discovers limitations, fix them before expecting customers to adapt around them. Checking Your Ego At The Door Let's be honest: Becoming Customer Zero can be humbling. Maybe really humbling. You'll discover rough edges in your products. You'll experience frustrations your customers have silently endured. You might even question past decisions about product priorities. That discomfort is exactly the point. It forces your organization to confront reality rather than marketing aspirations. To make it work, you have to check your ego at the door. This approach has transformed how we innovate. Our teams now operate at the leading edge—managing complex IT data while leveraging AI and automation capabilities because our own business depends on them working flawlessly. Every executive should regularly ask: Would I bet my business on my own product today? If the answer makes you hem and haw even a little bit, you've identified your most pressing priority. The greatest gift you can give customers isn't another feature—it's the confidence that comes from knowing you trust your solutions enough to build your own success upon them. Forbes Business Council is the foremost growth and networking organization for business owners and leaders. Do I qualify?
