Qantas Data Breach Hits Third-Party Platform; Exposes Data of Up to 6 Million Customers
Sydney, July 2, 2025 — Qantas Airways has confirmed a cyberattack on a third-party platform used by one of the airline’s contact centers, potentially compromising the personal data of a number of customers. While the affected system stored service records relating to around six million individuals, the airline has stated that only “some” of those records appear to have been accessed. Investigations are ongoing, and according to Qantas, customers whose information may have been compromised will be contacted directly.
While Qantas has not attributed the attack to a specific group, cybersecurity analysts believe it may bear the hallmarks of Scattered Spider, a sophisticated hacking collective known for targeting call centers via social engineering and “vishing” (voice phishing) tactics.
The attack comes days after FBI had issued a warning about cybercriminal group Scattered Spider expanding its targeting to include the airline sector. On June 28th, FBI had warned, “These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.” It went on to state that “once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware.”
Scope of Qantas Data Breach and System Integrity
The incident, which occurred on Monday, June 30, targeted a third-party system used to support customer interactions. Qantas has stressed that its core IT systems, operational platforms, and flight safety systems were not affected, and the breach was quickly contained.
The airline confirmed that credit card details, passport information, and other sensitive financial data are not stored on the compromised system. Additionally, Frequent Flyer account logins, passwords, and PINs were not accessed.
However, some personal data may have been exposed — including names, email addresses, phone numbers, dates of birth, and Frequent Flyer numbers.
Ongoing Response and Investigations
“We sincerely apologise to our customers and we recognise the uncertainty this will cause,” said Qantas CEO Vanessa Hudson. “We are contacting our customers today and our focus is on providing them with the necessary support.”
Qantas is working with several agencies, including the Australian Cyber Security Centre, the National Cyber Security Coordinator, the Office of the Australian Information Commissioner, and the Australian Federal Police. Independent cybersecurity experts have also been engaged.
A dedicated support line has been set up, and the airline is contacting impacted customers directly. It has also launched an online support page with updates and advice. Customers are being urged to remain vigilant against phishing attempts and other scams that could exploit stolen data.
The Qantas breach adds to a growing list of high-profile cyber incidents affecting Australian businesses in recent years. Notably, telecommunications provider Optus and private health insurer Medibank suffered major data breaches in recent years, compromising the personal information of millions.
Read: IndiGo’s Long-Haul Debut Takes Flight with Mumbai–Manchester Service
💬 Join the conversation: We’d love to hear your take on X (Twitter) or LinkedIn.
