Qantas data breach affects six million

July 2, 2025 BY

Customers are urged to be cautious of phishing attempts and to monitor their accounts for any suspicious activity. (AAP Image/Bianca De Marchi)

Qantas has confirmed a major data breach affecting up to six million customers after a cyber attack on a third-party platform used by one of its call centres.

The airline discovered unusual activity on Monday and moved quickly to contain the breach. It said personal details including names, dates of birth, phone numbers, email addresses and frequent flyer numbers were compromised. However, no credit card details, passport numbers or account passwords were accessed.

Chief executive Vanessa Hudson apologised to customers.

“We sincerely apologise to our customers and we recognise the uncertainty this will cause,” she said.

“Our customers trust us with their personal information and we take that responsibility seriously.”

The breach involved a third-party system reportedly linked to a call centre based in Manila. The airline is now working with cybersecurity experts to investigate how the attackers gained access.

The cybercriminal group “Scattered Spider” is suspected of carrying out the attack. The group has previously used sophisticated social engineering to bypass security controls, including multi-factor authentication, and has been linked to incidents targeting airlines in the past.

Qantas has notified the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and the Australian Federal Police.

A dedicated support line has been set up for affected customers on 1800 971 541.

Opposition cyber security spokeswoman Melissa Price described the breach as a nationally significant incident and called for continued transparency.

“This is a stark reminder of the need to strengthen our cyber protections and ensure companies are held accountable for securing personal data,” she said.

The breach follows a smaller privacy incident in May last year when a technical glitch in the Qantas app exposed passenger details. That was traced to a caching issue and not considered a cyber attack.

Customers are urged to be cautious of phishing attempts and to monitor their accounts for any suspicious activity.

Related Articles

Celebrating small businesses

SMALL business is the backbone of our region and this…

Playspace opens soon

AFTER years of disability community advocacy, I am so proud…
Geelong book fair

Annual event to be a bookworm’s delight

THOUSANDS of books are in the process of getting sorted…

Latest News

Jul 26, 2025

All 2025 GFNL finals venues confirmed

Jul 26, 2025

No distractions: Gleeson commits before Tigers’ flag push

Jul 26, 2025

Results tighten race for GFL flag

Geelong vs North Melbourne
Jul 26, 2025

Geelong look to solidify top four spot

Barwon Heads vs Anglesea
Jul 26, 2025

Anglesea clash an “elimination final”, Schaller says