Qantas Customers Targeted in Cyberattack, Data Stolen
A recent cyber assault on Qantas’s customer service platform has resulted in a significant data breach. The Australian airline is reaching out to affected clients after discovering “unusual activity” on a system holding customer information. The full extent of the data pilfered remains under investigation.
Details of the Breach
On June 30th, a security breach was detected on a platform used by Qantas to manage the data of roughly six million people. The compromised data includes names, email addresses, phone numbers, birth dates, and frequent flyer numbers. Following discovery, Qantas promptly acted to contain the system, according to a statement.
The airline has clarified that essential details like passport data, credit card information, and personal financial records were not part of the compromised data. No frequent flyer account credentials, such as passwords or PINs, were breached.
We’re investigating a cyber incident affecting a third-party customer service platform. We’re contacting customers. No flight disruptions expected. More info: https://t.co/l6FkXJj80b pic.twitter.com/eWd8u37LwG
— Qantas (@Qantas) July 1, 2025
“We sincerely apologise to our customers and we recognise the uncertainty this will cause,”
—Vanessa Hudson, Qantas Group CEO
Cybersecurity experts point out that these attacks are rising globally; in 2024 alone, there were over 2,000 reported data breaches in Australia, a significant increase over the previous year (Australian Information Commissioner).
Response and Further Actions
The Australian Federal Police, the Australian Cyber Security Centre, and the Office of the Australian Information Commissioner have all been notified of the incident by Qantas. Ms. Hudson has also requested that customers with concerns call a dedicated support line.
The company confirmed that the breach would not affect Qantas operations or airline safety. Authorities are urging both governmental bodies and private companies to bolster their security measures and data protection practices. Recent data breaches in Australia underscore the increasing threat of malicious actions.
