Qantas has confirmed that the personal data of 5.7 million customers was exposed after a hacker attacked a third-party call center platform. The attackers obtained names, emails, addresses, phone numbers, dates of birth and Frequent Flyer bonus account details.
The incident occurred on June 30, 2025, and Qantas discovered the unauthorized access the next day. According to new details, 4 million records contained only name, email and frequent flyer number. Another 1.7 million customers lost more sensitive information: addresses (1.3 million), dates of birth (1.1 million), phone numbers (900,000) and gender (400,000).
The company emphasizes that no passwords, PINs, financial or passport data were compromised.
Qantas management has begun informing affected customers and has implemented additional cybersecurity measures. Hackers have already made contact, presumably with ransom demands, threatening to release data.
Qantas suspects that the attack is being carried out by the Scattered Spider group, a cybercriminal group known for attacks on Hawaiian Airlines, WestJet and other airlines. They often use social engineering, hijack employee accounts and attempt to encrypt devices with ransomware (in particular DragonForce).
The Qantas hack is part of a series of attacks against the aviation sector. Although financial data was not stolen, the massive leak of personal information increases the risk of phishing, fraud and identity theft. The company is urging customers to be wary of suspicious emails purporting to be from Qantas. Strengthening personal data protection has become a top priority.
