Qantas Airways said a cyberattack compromised the personal details of around six million customers, marking one of Australia's most significant data breaches in recent years.
The airline has disclosed that a hacker accessed personal data via a third-party customer service platform, in what the airline described as a major cyber security breach.
The compromised information includes names, contact details, birth dates and frequent flyer numbers, though Qantas said passwords, PINs and login credentials were not affected. There was no impact on flight safety or operations, the airline said.
The breach was detected after unusual activity was noticed on a call centre platform operated by an external vendor. Qantas has not identified the vendor or the specific group responsible but confirmed the incident is under investigation.
“We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant,” Qantas said in a statement.
The airline reported the incident to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and the Australian Federal Police. The ACSC declined to comment, while the AFP said only that it was aware of the incident.
The U.S. Federal Bureau of Investigation recently warned that a cybercrime group known as Scattered Spider has been targeting airlines. Although Qantas has not attributed the attack to any specific group, cybersecurity experts said the incident shared hallmarks of similar breaches.
Charles Carmakal, chief technology officer at Mandiant, a cybersecurity firm owned by Alphabet, said it was too early to confirm if Scattered Spider was responsible. However, he warned that airlines globally should be on “high alert” for social engineering attacks.
Mark Thomas, Australian director at cybersecurity company Arctic Wolf, said the apparent scale and coordination of recent airline breaches is “particularly alarming.”
Qantas shares were down 2.4% in afternoon trading, underperforming the broader market, which was up 0.8%.
The breach comes at a sensitive time for the airline, which is attempting to rebuild trust following reputational damage during and after the COVID-19 pandemic. The carrier previously faced public backlash over mass layoffs, cancelled ticket sales, and controversy surrounding its influence on government aviation policy.
Chief Executive Vanessa Hudson, who took office in 2023, said the airline was taking the incident seriously.
“We recognise the uncertainty this will cause,” she said. “Our customers trust us with their personal information and we take that responsibility seriously.”
The incident is among the most high-profile cyber breaches in Australia since attacks on telecommunications giant Optus and insurer Medibank in 2022. Those cases led to tougher cyber resilience laws, including mandatory compliance and incident reporting.
Two civilians were injured after drones launched from Iranian territory struck Azerbaijan’s Nakhchivan Au...
The slopes of Shahdag Mountain Resort have become the centre of the European Ski Mountaineerin...
Iran's intelligence ministry said on Thursday that it had targeted positions belonging to "separa...
A Russian drone damaged a civilian Panama-flagged vessel that was transporting corn near the Ukrainian port of ...
Start your day informed with AnewZ Morning Brief. Here are the top news stori...
Two civilians were injured after drones launched from Iranian territory struck Azerbaijan’s Nakhchivan Autonomous Republic around noon on 5 March, Azerbaijan’s Foreign Ministry said in a statement.
Iran's intelligence ministry said on Thursday that it had targeted positions belonging to "separatist groups" attempting to enter the country through its western borders, adding that the militants sustained heavy losses during the security operations.
A Russian drone damaged a civilian Panama-flagged vessel that was transporting corn near the Ukrainian port of Chornomorsk in the Black Sea Odesa region, the Ukrainian Sea Ports Authority said late on Wednesday.
Start your day informed with AnewZ Morning Brief. Here are the top news stories for the 5th of February, covering the latest developments you need to know.
U.S. President Donald Trump said the U.S. military has enough stockpiled weapons to fight wars "forever"; in a social media post late on Monday. The remarks came hours before conflict in Iran and the Middle East entered its fourth day.
Tensions across the Middle East continue to escalate following coordinated U.S. and Israeli strikes on Iran and Tehran’s retaliatory attacks in the Gulf region, with military operations and regional security developments continuing to unfold.
A torpedo from a U.S. submarine sunk an Iranian warship off the coast of Sri Lanka, U.S. Secretary of Defense, Pete Hegseth told reporters as the Iranian conflcit entered its fifth day on Wednesday.
Türkiye has suspended day-trip crossings at its Kapıköy border and two others with Iran as regional tensions escalate following strikes involving the United States and Israel on Tehran. AnewZ's Alisultan Sultanzade was on the ground at the crossing before the restrictions came into force.
Kazakhstan has vowed to speed up its investigation into the Azerbaijan Airlines (AZAL) crash near Aktau, as mounting diplomatic pressure and geopolitical tensions push the disaster further into the international spotlight.
A Russian drone damaged a civilian Panama-flagged vessel that was transporting corn near the Ukrainian port of Chornomorsk in the Black Sea Odesa region, the Ukrainian Sea Ports Authority said late on Wednesday.
Start your day informed with AnewZ Morning Brief. Here are the top news stories for the 5th of February, covering the latest developments you need to know.
Australia and Canada said on Thursday they had signed new agreements on critical minerals as Canadian Prime Minister Mark Carney made a landmark address to the Australian parliament, a sign of the developing bond between the "middle powers".
More than 200 people died on Tuesday in a landslide triggered by heavy rains at the Rubaya coltan mine in eastern Democratic Republic of Congo, the country's mines ministry said on Wednesday.
A power outage struck most of Cuba, including Havana, the state electric utility said on Wednesday (5 March), as the Communist-run government grapples with increased pressure from the Trump administration that has curtailed oil shipments.
You can download the AnewZ application from Play Store and the App Store.
What is your opinion on this topic?
Leave the first comment