Qantas Investigates Massive Cybersecurity Incident
Qantas has confirmed a data breach affecting a third-party platform used by its customer contact centre. The breach may have exposed the personal details of up to six million customers. The airline detected “unusual activity” on 30 June and took immediate steps to contain the system, according to its official statement.
The breach targeted names, email addresses, phone numbers, birth dates and frequent flyer numbers. Qantas has stated that no passwords, PINs or login details were accessed. It also confirmed that no passport, credit card or financial data was stored in the compromised system.
We sincerely apologise to customers impacted by a recent cyber incident that occurred in one of our contact centres. The system is now contained.
We’re currently contacting customers to make them aware of the incident, apologise and provide details on support available to them.…
— Qantas (@Qantas) July 2, 2025
Investigation Underway into Extent of Breach
Qantas is investigating the scope of the breach and anticipates the amount of stolen data to be “significant”. The airline has notified impacted customers and is maintaining updates through a dedicated web page. A customer support line has also been established.
Qantas Group CEO Vanessa Hudson issued a public apology following the breach. “We sincerely apologise to our customers and we recognise the uncertainty this will cause,” Ms Hudson said. “Our customers trust us with their personal information and we take that responsibility seriously.”
The airline confirmed there would be no impact on operations or passenger safety.
Qantas Group CEO, Vanessa Hudson
Authorities Informed as Government Scrutiny Increases
Qantas has reported the incident to the Australian Federal Police, the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. The company has pledged full cooperation with ongoing investigations.
The breach joins a growing list of Australian data security incidents this year. Recent targets include AustralianSuper and Nine Media, both of which suffered high-profile leaks.
Privacy Watchdog Warns of Growing Threat
In March 2025, the Office of the Australian Information Commissioner reported that 2024 was the worst year for data breaches since records began in 2018. Privacy Commissioner Carly Kind highlighted the escalating nature of cyber risks.
“The trends we are observing suggest the threat of data breaches, especially through the efforts of malicious actors, is unlikely to diminish,” Ms Kind said. She urged businesses and government agencies to strengthen data protection frameworks immediately.
Ms Kind also stressed that both private companies and government bodies are vulnerable to cyber attacks.
CyberCX Flags Scattered Spider Group as Likely Perpetrator
Cybersecurity firm CyberCX has been assisting Qantas in the incident response. A spokesperson said the breach displayed the hallmarks of an attack by the Scattered Spider hacker group.
CyberCX is helping Qantas with the data breach
Scattered Spider is known for targeting specific industry sectors, with recent focus on financial services and insurance. US authorities confirmed that the group expanded its targets to the airline sector over the past weekend.
In a post to X, the FBI stated that Scattered Spider targets “large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk”.
The FBI added, “Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware.” The agency said it is working closely with aviation and industry partners to assist victims and address the activity.
ALERT—The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector. These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.… pic.twitter.com/gowmbsAbBY
— FBI (@FBI) June 27, 2025
Qantas has not confirmed whether Scattered Spider was responsible. The company said it will continue to assist all relevant authorities during the investigation.
Data Breach Poses Broad Sectoral Risks
The incident has drawn fresh attention to the vulnerability of third-party platforms used by large corporations. CyberCX noted that these platforms present potential entry points for coordinated attacks across ecosystems. Third-party IT vendors have become key targets due to their access to sensitive operational data.
The Qantas breach also raises concerns about customer data security in the aviation sector. Industry experts say the breach illustrates the growing risks to airlines and related service providers.
Also Read: ASX Futures Rise as Tech Stocks Slide, Gold Miners Rally, and Global Trade Risks Intensify
Qantas Focuses on Transparency and Support
Qantas has taken steps to maintain transparency and support affected customers. The airline is directly contacting impacted individuals and providing information through its website. Qantas has also confirmed that none of its systems critical to flight operations were compromised.
The company said it will issue further updates as the investigation progresses. The breach has added pressure on Australian companies to reassess their data protection strategies and vendor relationships.
As the cyber threat landscape evolves, Qantas remains under scrutiny to restore public trust and reinforce its digital defences.
