Breaking: Qantas Confirms Major Cyberattack Exposing 6 Million Customer Profiles

Breaking: Qantas Confirms Major Cyberattack Exposing 6 Million Customer Profiles

Breaking: Qantas Confirms Major Cyberattack Exposing 6 Million Customer Profiles

Breaking: Qantas Confirms Major Cyberattack Exposing 6 Million Customer Profiles
Image from BBC

Qantas has confirmed a significant cyberattack on its third-party customer service platform, potentially exposing the personal data of up to six million airline customers. The Australian carrier detected “unusual activity” on June 30th within a system used by its contact centre, which stores sensitive information including names, email addresses, phone numbers, birth dates, and frequent flyer numbers.

Following the discovery, Qantas stated it took “immediate steps and contained the system,” with an ongoing investigation to determine the full extent of the data compromised. While the airline anticipates a “significant” proportion of data may have been stolen, it has reassured the public that critical information such as passport details, credit card numbers, personal financial data, frequent flyer accounts, passwords, or PINs were not held in the breached system and remain secure.

Qantas Group CEO Vanessa Hudson issued an apology, acknowledging the uncertainty this event would cause and encouraging affected customers to contact a dedicated support line. She also confirmed that the incident would not impact Qantas’s operations or airline safety.

Authorities including the Australian Federal Police, the Australian Cyber Security Centre, and the Office of the Australian Information Commissioner have been notified. This incident follows recent FBI warnings about the airline sector being a target for cybercriminal groups like Scattered Spider, which has also been linked to attacks on US-based Hawaiian Airlines and Canada’s WestJet, as well as UK retailers.

The Qantas breach adds to a worrying trend of major data compromises in Australia this year, including incidents affecting AustralianSuper and Nine Media. The Office of the Australian Information Commissioner (OAIC) reported in March 2025 that 2024 marked the worst year for data breaches in Australia since records began, underscoring the escalating threat of malicious cyber activity across both private and public sectors.

阅读中文版 (Read Chinese Version)

Disclaimer: This content is aggregated from public sources online. Please verify information independently. If you believe your rights have been infringed, contact us for removal.