• Attackers with authorized access (employees or contractors) misuse their privileges to steal or manipulate sensitive data.
• Often hard to detect due to their legitimate access.
• Can involve financial fraud, data theft, or sabotage.

Qantas Frequent Flyer Accounts Compromised via Insider Threat

• Incident:
  • Two third-party contractors from Air India SATS misused their access to compromise approximately 1,000 Qantas frequent flyer accounts.
  • They altered bookings and stole frequent flyer points from customers.
  • The breach was detected after a customer complaint, leading Qantas to suspend the contractors and refer the case to Indian authorities.