Qantas

The Qantas incident exposed the details of up to 5.7 million customers, leading to a rise in sophisticated hybrid scams that combine digital theft and physical-world exploitation. Victims are manipulated into sharing one-time passcodes, resulting in significant financial losses. Banks often refuse reimbursement, citing a breach of terms, and law enforcement is reluctant to investigate, leaving victims with little recourse.

Source: https://theconversation.com/cyber-crime-and-real-world-crime-are-converging-in-a-dangerous-new-way-heres-how-to-stay-safe-260426

TPRM report: https://scoringcyber.rankiteo.com/company/qantas

"id": "qan535071025",
"linkid": "qantas",
"type": "Breach",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Up to 5.7 million',
                        'industry': 'Aviation',
                        'location': 'Australia',
                        'name': 'Qantas',
                        'size': 'Large',
                        'type': 'Company'}],
 'attack_vector': 'Social Engineering',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': 'Up to 5.7 million',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Names, phone numbers, emails, '
                                             'card details'},
 'description': 'Scammers are using stolen personal data to mimic bank calls '
                'and trick victims into sharing one-time passcodes, leading to '
                'financial loss.',
 'impact': {'brand_reputation_impact': 'High',
            'customer_complaints': 'Significant',
            'data_compromised': 'Personal data, credit card details',
            'financial_loss': 'A$6,000 (example case)',
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High'},
 'initial_access_broker': {'entry_point': 'Stolen personal data',
                           'high_value_targets': 'Bank customers'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'Need for stronger identity verification systems, '
                    'transparency and regulation of data brokers, active '
                    'enforcement of cyber-enabled fraud, and proactive '
                    'education.',
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'corrective_actions': 'Stronger identity '
                                                  'verification, regulation of '
                                                  'data brokers, active '
                                                  'enforcement',
                            'root_causes': 'Stolen personal data, weak '
                                           'enforcement, outdated verification '
                                           'systems'},
 'recommendations': ['Never share one-time passcodes over the phone',
                     'Hang up and call the bank directly if in doubt',
                     'Be cautious about sharing personal information online',
                     'Banks should reassess policies on customer communication',
                     'Redesign verification processes to prevent harm'],
 'references': [{'source': 'Article on convergence scams'}],
 'response': {'law_enforcement_notified': 'Yes, but rarely pursued'},
 'threat_actor': 'Cyber Criminals',
 'title': 'Convergence Scam Targeting Bank Customers',
 'type': 'Fraud',
 'vulnerability_exploited': 'Personal Data Leaks'}