Sydney, July 4 - Qantas, Australia’s largest airline, on July 2, 2025, confirmed a significant cyber-attack that compromised the personal information of up to six million customers, marking one of the most substantial data breaches in the country’s recent history. The incident, which occurred on June 30, 2025, targeted a third-party customer service platform used by a Qantas contact center in Manila, exposing sensitive customer data. The breach involved the unauthorized access of names, email addresses, phone numbers, birth dates, and frequent flyer numbers. However, Qantas has assured customers that critical financial information, such as credit card details, bank account information, passport details, passwords, PINs, and login credentials, was not stored on the compromised platform and therefore remained secure. The airline swiftly contained the breach upon detecting unusual activity on Monday, ensuring that its core systems and flight operations remained unaffected, with no impact on passenger safety.
.gif)
The cyber-attack has raised significant concerns about the vulnerability of third-party systems in the airline industry, particularly as Qantas relies on external vendors for customer service operations. The breach was described as criminal in nature, with the attacker exploiting a call center operator’s access to the platform, possibly through social engineering tactics such as vishing, where cybercriminals impersonate legitimate entities to extract sensitive information. Qantas has not officially identified the perpetrators, but cybersecurity experts have noted similarities with tactics used by the notorious Scattered Spider group, which has recently targeted the aviation sector, including airlines like Hawaiian Airlines and WestJet. The U.S. Federal Bureau of Investigation had issued a warning about this group’s activities just days before the Qantas incident, highlighting their use of sophisticated social engineering techniques to infiltrate systems.
In response, Qantas has taken immediate steps to address the breach and mitigate its impact. The airline notified the Australian Cyber Security Centre, the Australian Federal Police, and the Office of the Australian Information Commissioner, reflecting the seriousness of the incident. Qantas is also collaborating with the Federal Government’s National Cyber Security Coordinator and independent cybersecurity specialists to investigate the full extent of the data stolen, which is expected to be significant. To support affected customers, Qantas has established a dedicated helpline and a website page offering identity protection advice and resources. The airline is contacting customers to provide specific details about the data compromised, which may vary from individual to individual, and has advised heightened vigilance for potential scams or phishing attempts leveraging the stolen information.
The breach has intensified scrutiny on Qantas, already navigating reputational challenges following recent controversies. The airline’s CEO, Vanessa Hudson, issued a public apology, acknowledging the uncertainty caused and emphasizing the company’s commitment to customer trust. Qantas is implementing enhanced security measures, including stricter access controls and improved system monitoring, to prevent future incidents. This event underscores the growing cybersecurity risks facing the aviation industry and the critical need for robust protections as reliance on third-party platforms increases.
An update from Qantas Group CEO Vanessa Hudson on the recent cyber incident:
— Qantas (@Qantas) July 3, 2025
“We know that data breaches can feel deeply personal and understand the genuine concern this creates for our customers. Right now we’re focused on providing the answers and transparency they deserve.…