Qantas Airways said a cyberattack compromised the personal details of around six million customers, marking one of Australia's most significant data breaches in recent years.
The airline has disclosed that a hacker accessed personal data via a third-party customer service platform, in what the airline described as a major cyber security breach.
The compromised information includes names, contact details, birth dates and frequent flyer numbers, though Qantas said passwords, PINs and login credentials were not affected. There was no impact on flight safety or operations, the airline said.
The breach was detected after unusual activity was noticed on a call centre platform operated by an external vendor. Qantas has not identified the vendor or the specific group responsible but confirmed the incident is under investigation.
“We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant,” Qantas said in a statement.
The airline reported the incident to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and the Australian Federal Police. The ACSC declined to comment, while the AFP said only that it was aware of the incident.
The U.S. Federal Bureau of Investigation recently warned that a cybercrime group known as Scattered Spider has been targeting airlines. Although Qantas has not attributed the attack to any specific group, cybersecurity experts said the incident shared hallmarks of similar breaches.
Charles Carmakal, chief technology officer at Mandiant, a cybersecurity firm owned by Alphabet, said it was too early to confirm if Scattered Spider was responsible. However, he warned that airlines globally should be on “high alert” for social engineering attacks.
Mark Thomas, Australian director at cybersecurity company Arctic Wolf, said the apparent scale and coordination of recent airline breaches is “particularly alarming.”
Qantas shares were down 2.4% in afternoon trading, underperforming the broader market, which was up 0.8%.
The breach comes at a sensitive time for the airline, which is attempting to rebuild trust following reputational damage during and after the COVID-19 pandemic. The carrier previously faced public backlash over mass layoffs, cancelled ticket sales, and controversy surrounding its influence on government aviation policy.
Chief Executive Vanessa Hudson, who took office in 2023, said the airline was taking the incident seriously.
“We recognise the uncertainty this will cause,” she said. “Our customers trust us with their personal information and we take that responsibility seriously.”
The incident is among the most high-profile cyber breaches in Australia since attacks on telecommunications giant Optus and insurer Medibank in 2022. Those cases led to tougher cyber resilience laws, including mandatory compliance and incident reporting.
Azerbaijani President Ilham Aliyev and Turkish President Recep Tayyip Erdoğan spoke on 9 August, praising regional peace steps, new gas exports to Sy...
More than 1,000 aid packages have been airdropped over the Gaza Strip since the resumption of the international airdrop operation on 26 July, the Isra...
World leaders and international organisations have hailed the U.S.-brokered peace agreement between Azerbaijan and Armenia as a historic breakthrough,...
Afghan authorities have begun building a 50 million afghani canal in Panjshir province to improve irrigation, support farmers, and create 1,000 jobs, ...
Ukrainian President Volodymyr Zelenskyy said that he had spoken with British Prime Minister Keir Starmer, noting their shared view on the threat posed...
Azerbaijani President Ilham Aliyev and Turkish President Recep Tayyip Erdoğan spoke on 9 August, praising regional peace steps, new gas exports to Syria, and deepening bilateral ties.
More than 1,000 aid packages have been airdropped over the Gaza Strip since the resumption of the international airdrop operation on 26 July, the Israel Defense Forces (IDF) announced on Friday.
World leaders and international organisations have hailed the U.S.-brokered peace agreement between Azerbaijan and Armenia as a historic breakthrough, marking a decisive step toward stability and cooperation in the South Caucasus.
Afghan authorities have begun building a 50 million afghani canal in Panjshir province to improve irrigation, support farmers, and create 1,000 jobs, according to Tolonews.
The world’s biggest dance music festival faces an unexpected setback as a fire destroys its main stage, prompting a last-minute response from organisers determined to keep the party alive in Boom, Belgium.
According to the German Research Centre for Geosciences (GFZ), a magnitude 5.7 earthquake struck the Oaxaca region of Mexico on Saturday.
China and the Association of Southeast Asian Nations will send an upgraded ‘version 3.0’ free-trade agreement to their heads of government for approval in October, Chinese Foreign Minister Wang Yi said on Saturday after regional talks in Kuala Lumpur.
A resumption of Iraq’s Kurdish oil exports is not expected in the near term, sources familiar with the matter said on Friday, despite an announcement by Iraq’s federal government a day earlier stating that shipments would resume immediately.
Chinese automaker Chery has denied an industry-ministry audit that disqualified more than $53 million in state incentives for thousands of its electric and hybrid vehicles, insisting it followed official guidance and committed no fraud.
World leaders and international organisations have hailed the U.S.-brokered peace agreement between Azerbaijan and Armenia as a historic breakthrough, marking a decisive step toward stability and cooperation in the South Caucasus.
Afghan authorities have begun building a 50 million afghani canal in Panjshir province to improve irrigation, support farmers, and create 1,000 jobs, according to Tolonews.
Ukrainian President Volodymyr Zelenskyy said that he had spoken with British Prime Minister Keir Starmer, noting their shared view on the threat posed by Russia’s attempt “to reduce everything to discussing the impossible.”
Russia’s investment envoy Kirill Dmitriev said on Saturday that certain countries would make “titanic efforts” to derail the meeting between U.S. President Donald Trump and Russian President Vladimir Putin, scheduled for 15 August.
U.S. President Donald Trump has invited newly inaugurated Polish President Karol Nawrocki to the White House for an official working meeting on 3 September, Nawrocki’s chief of cabinet announced on Saturday.
You can download the AnewZ application from Play Store and the App Store.
What is your opinion on this topic?
Leave the first comment