Overview
- The FBI issued a late-June alert confirming that Scattered Spider is exploiting IT help desks to bypass multi-factor authentication and expand into the airline sector.
- WestJet and Hawaiian Airlines reported IT-system disruptions from June attacks attributed to the group, but both carriers maintained normal flight operations.
- The FBI and CISA are working directly with affected airlines and vendors, urging prompt reporting of suspicious access requests to curb further breaches.
- Mandiant and Palo Alto Networks’ Unit 42 have observed similar social-engineering incursions across the broader transportation industry and recommend stricter help-desk verification.
- Qantas disclosed a third-party contact-centre breach affecting six million customer records that cybersecurity experts say aligns with Scattered Spider’s tactics.