Latest news with #customer privacy
ABC News
12 hours ago
- Business
- ABC News
Qantas CEO Vanessa Hudson apologises to customers for data breach
The Qantas chief executive says the airline takes cybersecurity breaches "incredibly seriously" and has apologised to more than 6 million customers who received a personalised email on Wednesday, informing them that cybercriminals had broken through the company's defences. "What I would first like to say is acknowledge the impact to all our customers and, first and foremost, I'd like to apologise to them," Vanessa Hudson said in an interview with Channel Seven in Athens overnight. "And so, right up front, I want to say we take this seriously and we are going to do everything that we can to communicate transparently." Ms Hudson said the breach occurred when a cybercriminal infiltrated one of the airline's call centres and accessed a service platform that enabled them to get access to customer data. She said the criminals accessed "principally customer names, also phone numbers and frequent flyer numbers as well". "That is something that we are very concerned about and we are absolutely doing everything that we can to rectify this situation," she said. "What I can also say, though, is that that the threat has been contained and the systems are now secure, and our number-one focus is to support customers through this process." Ms Hudson said the airline communicated with its customers "as quickly as possible" and it was being transparent. "Part of the steps that we're taking [involves being] … really transparent with customers, but then also obviously next week we'll be following up and giving our customers the information that they need to understand how the specific data pertaining to them has potentially been breached in this." Ms Hudson said the company had invested "tens of millions" of dollars in cyber security and "that's been increasing year on year" but criminals were getting more sophisticated. "We take cybersecurity incredibly seriously, and we have got absolute focus right across our organisation, from training to system controls to system alerts in this instance," she said. Ms Hudson said Qantas was now working with the federal government to "investigate this right through to the end". "These are criminal cybercriminals and we have involved the AFP and we've involved the government cybersecurity team," she said. She noted the cybercriminals did not get access to customers' passport information, credit card information or password information. "We have not had passport information breached. We have not had credit card information breached and we have not had password information breached." Ms Hudson said Qantas had provided "significant training" to employees but cybercriminals were getting more apt at breaching security measures. Ms Hudson said the airline had now "strengthened and increased controls" and would continue to build its defences against future breaches. But she said the reality for all organisations was "we live in a world where our cybercriminals are global". "They [cyber criminals] are good at what they do. They are constantly innovating in terms of what we do. And so that is why we are constantly going to be improving our systems as we go forward as well." The company's reputation has been battered in recent years. That has included coping penalties for misleading customers by selling tickets on flights that had already been cancelled. Former Qantas CEO Alan Joyce also faced heat in parliamentary hearings over rising profits and airfares despite growing customer dissatisfaction. Asked whether the cyber breach would further dent the airline's standing with customers, Ms Hudson said "trust is something that is earned" and "comes from being up-front and transparent and that is what we are doing". "In this event, we have communicated to customers as soon as we knew."
Bloomberg
20-06-2025
- Bloomberg
Aflac Reports Potential Leak of Personal Data in Cyber Breach
By and Jake Bleiberg Save Aflac Inc. said a recent cybersecurity breach could have given intruders unauthorized access to customers' personal information, including Social Security numbers, as well as health and claims data. The insurer also said Friday it contained the hack within hours of its discovery on June 12 and had hired cybersecurity experts to address the breach.
Yahoo
18-05-2025
- Business
- Yahoo
M&S faces multi-million pound lawsuit by Scots over huge data leak
Marks & Spencer (M&S) is facing a multi-million pound court action by Scottish customers after a cyber attack. The high street giant admitted last week that hackers have obtained information which could include the telephone numbers, home addresses, dates of birth, and online ordering histories of millions of people, reports the Daily Record. Thompson's Solicitors, the firm representing the affected customers, claim they have been "inundated" by M&S clients caught up in this "online heist." READ MORE: Disco diva stuns fans with surprise appearance at huge Hydro gig Senior partner Patrick McGuire said: "M&S pride themselves on their customer service and reliability, but in this most important area, they have failed their customers completely. "We have a situation here where one of the most famous retailers in the UK has allowed criminals to pillage the personal details of hundreds of thousands of Scottish customers." "I think this will be the biggest data theft case we have ever been involved in." More than £1.2 billion has been wiped off the market value of M&S since it was crippled by hackers three weeks ago. The company is still not taking online orders, has been left with empty shelves at some branches, and is reported to be losing up to £3.5 million a day. M&S's Sparks loyalty program had 18 million members, with hundreds of thousands in Scotland, and the firm has asked customers to reset their account passwords. The retailer has also warned customers that they might receive bogus emails, calls or texts claiming to be from the company. READ MORE: 'Pandemic hit youngest and poorest children hardest', says Glasgow's education boss According to the Daily Record, a group of hackers labelled Scattered Spider is alleged to have utilised a contractor to access the retailer's advanced IT systems. The ransomware group DragonForce, which is also believed to be behind a cyber attack on the Co-op, have said its affiliates are responsible. The group is known for scrambling victims' data and demanding a ransom to get the key to unscramble it. The UK Government's National Cyber Security Centre has said it was working with the affected companies but told all UK businesses the incidents "should act as a wake-up call" on the importance of having measures to protect against and respond to attacks. However, McGuire of Thompsons, who are already pursuing legal actions against other businesses who have lost customers' personal data said: "The law in this matter is very clear and it beggars belief that an institution like M&S did not have the robust systems that law demands to prevent the real risk of identity theft and fraud. "We know well from our experience that the type of information taken from M&S customers can be used in very sophisticated scams by international criminals." READ MORE: Over 40 road closures in Glasgow today as Race for Life takes place The hack first caused problems for the retailer's contactless payments and click-and-collect orders. A spokeswoman for the company told the Daily Record: "Importantly, the data does not include usable payment or card details, which we do not hold on our systems, and it does not include any account passwords. "There is no evidence that this data has been shared." Clive Black, a retail analyst at finance firm Shore Capital, said: "What is clear to us is that this has a severe impact on first-quarter performance - hundreds of millions of pounds - and by definition a notable impact for the full year outcome for 2026."
