Article
Cloud & Cybersecurity

Inside the Cyberattack That Hit Six Million Qantas Customers

By James Darley
July 03, 2025
undefined mins
Share this article
Prioritise Us on Google
Share this article
Prioritise Us on Google
This is the most significant data breach in Qantas' history | Credit: Josh Withers via Unsplash
A data breach has exposed the personal details of six million Qantas customers after hackers targeted one of the airline’s internal communication platforms

Australian airline Qantas has confirmed that cyber criminals successfully targeted a third-party customer service platform, compromising the personal data of around six million of its customers.

Qantas first detected unusual activity on 30 June on a system used by its contact centre operations teams.

The airline immediately took containment measures after discovering the data breach but investigators expect that the hackers will now be in possession of huge amounts of personal data.

Qantas is Australia's flag carrier airline | Credit: Qantas

What personal information has been leaked?

During the breach, the cybercriminals were able to collect the names, email addresses, phone numbers, birth dates and frequent flyer numbers of any customer that had contacted Qantas support services before.

Critically, the airline has confirmed that credit card details, personal financial information and passport details were not stored on the affected system, nor were frequent flyer account passwords, bank details or login credentials.

According to Aakin Patel, former Chief Information Security Officer at Harry Reid Airport in Las Vegas, the communications systems of airlines are leaving them vulnerable to hackers.

“Airlines rely heavily on call centres for a lot of their support needs,” he told CNN following the incident, which makes them “a likely target for groups like this”.

Aakin Patel, former Chief Information Security Officer at Harry Reid Airport in Las Vegas | Credit: Aakin Patel

Qantas’ urgent response

CEO of Qantas Group, Vanessa Hudson, has issued a public apology on the company’s website following the incident.

“We sincerely apologise to our customers and we recognise the uncertainty this will cause,” she says.

“Our customers trust us with their personal information and we take that responsibility seriously.”

Vanessa notes that the breach should have no impact on Qantas flight operations or the airline’s various safety systems.

Following the incident, Qantas has set up a dedicated customer support line and created a specific webpage to provide ongoing updates about the incident.

Vanessa Hudson, CEO of Qantas Group | Credit: Vanessa Hudson

The role of law enforcement

Qantas says that it has notified multiple Australian authorities about the cyberattack, including the Australian Federal Police, the Australian Cyber Security Centre and the Office of the Australian Information Commissioner.

The airline is also working closely with the Federal Government’s National Cyber Security Coordinator and independent cybersecurity specialists to investigate the full extent of the breach.

The company has also committed to implementing a slew of new security measures to restrict system access and strengthen its monitoring capabilities.

What this says about cybersecurity in 2025

This attack comes at a time of heightened tension in the aviation sector.

This year, the FBI has specifically warned that the cybercrime group Scattered Spider — which has been responsible for attacks on UK supermarket supply chains — is attempting to target airlines.

Both Hawaiian Airlines and Canada’s WestJet have both suffered similar attacks within the past two weeks, sending shockwaves through the industry.

Youtube Placeholder

Experts believe that the uptick in cybercrime — especially with regards to aviation — may be motivated by more than money alone.

“Our members are keenly alert to attacks from financially motivated attackers and collateral impacts emanating out of geopolitical tensions around the world,” says Jeffrey Troy, CEO of Aviation ISAC, the global organisation that oversees the cybersecurity of airlines.

Jeffrey Troy, CEO of Aviation ISAC | Credit: RTCA

A record year for data breaches

This latest incident adds to Australia’s growing list of significant data breaches in 2025.

Major organisations including AustralianSuper and Nine Media have experienced substantial data leaks in recent months.

The Office of the Australian Information Commissioner reported that 2024 represented the worst year for data breaches since official records began in 2018.

Privacy Commissioner Carly Kind has warned that malicious cyber threats show no signs of slowing.

Carly Kind, Privacy Commissioner at the Office of the Australian Information Commisioner | Credit: Carly Kind

“The trends we are observing suggest the threat of data breaches, especially through the efforts of malicious actors, is unlikely to diminish,” she says.

Elliot Dellys, CEO of Australian cybersecurity firm Phronesis Security, notes that Scattered Spider’s unusual structure makes bringing them to justice challenging.

“Rather than being composed of a centralised command and control structure like Russian ransomware groups, it is believed to be composed of a disparate group of young hackers living in the United States and United Kingdom,” he explains.

Elliot Dellys, CEO of Phronesis Security | Credit: Elliot Dellys

“This makes effective action by law enforcement to take down the group, and its infrastructure, difficult to coordinate and execute.

“If this incident is the result of a third-party compromise, it adds to an increasing list of major Australian organisations that have done their utmost to secure data, just to have it exposed via a third party.”

Tags

QantasDataData BreachTechnologyCyberCybersecurityCybercrimeHackingAIScattered SpiderAviationAerospaceAirlines