news
Tech support scam caused massive data breach at Australian airline Qantas - The Register
Your CRM is only as safe as the person who last touched it. Qantas just confirmed a major data breach triggered by a tech support scam. Someone called in posing as support, talked an agent into perfo
Your CRM is only as safe as the person who last touched it.
Qantas just confirmed a major data breach triggered by a tech support scam. Someone called in posing as support, talked an agent into performing actions inside the CRM to "close a ticket" — and those actions silently connected the system to a data extraction tool. Millions of customer records walked out the door.
No sophisticated hack. No zero-day exploit. Just a CRM that couldn't distinguish between a legitimate workflow action and one that drained the database.
Here's what that means if you're running a mid-market operation: your CRM's flexibility is also your exposure. Every workaround your team has duct-taped together, every external tool you've connected to fill a gap your platform couldn't handle natively — each one is a door that doesn't always close all the way. You've already lived through CRMs that were too rigid to customize. The ones you finally bent to your will may now be bent in ways you can't see.
The answer isn't locking everything down until your team can't do their jobs. It's having a system where the customization is intentional, auditable, and doesn't require a workaround to function.
A CRM built the right way doesn't just fit your workflows — it makes the dangerous ones visible before they cost you.
#CRM #DataSecurity #SalesOps #CRMStrategy #Cybersecurity
Original Source
... CRM system and perform certain actions needed to close a support ticket. Those actions instead connected the CRM to a data extraction tool which ...