English Corner

Several million Vietnam Airlines customer records were released by hackers. Image: Ryuno

Major data breach at Vietnam Airlines and Qantas: millions of customers affected

Bad news for customers of Vietnam Airlines and Qantas: millions of accounts have been compromised in a major data breach. Personal information including dates of birth, email addresses, loyalty program details, names, and phone numbers has been leaked online.

Over the weekend, Vietnam Airlines customers were the first to be notified—not by the airline itself, but by an independent service that alerts users when their email addresses appear in hacker databases.

According to a document obtained by Travelnews, the leaked information includes data on 7.32 million Vietnam Airlines customers.

Qantas has also been hit, with around 5.7 million customers reportedly affected. Media reports link the breach to a hacker group known as «Scattered LAPSUS$ Hunters», which is said to have stolen the data and later released it publicly. The intrusion is believed to have occurred in June, with the stolen data surfacing only four months later.

The hackers claimed to have accessed the Salesforce accounts of 39 major companies—including Vietnam Airlines, Qantas, Google, Cisco, Disney, and FedEx. Salesforce, a U.S.-based cloud computing provider, offers customer management platforms to businesses worldwide.

Airlines urge customers to change passwords immediately

In a statement released three days after the incident became public, Vietnam Airlines confirmed that a breach had occurred on a customer service platform operated by a global technology partner.

«After being alerted, we have taken immediate action in coordination with authorities, cybersecurity experts, and the third-party provider to investigate the breach, assess potential impacts, and strengthen data protection,» the airline said.

The company added that payment details, passwords, travel itineraries, Lotusmiles balances, and passport data remain secure, and that its internal IT systems were not affected.

Vietnam Airlines is urging customers to stay alert for phishing attempts and suspicious messages claiming to be from the airline. It has also advised members to immediately change passwords for both their Lotusmiles accounts and associated email addresses.

According to media reports, the hacker group had earlier threatened to release the stolen data if the affected third-party provider did not pay a ransom. That deadline has now expired, leading to the public release of the data.

(GWA)

back to top