Another cyberattack has hit the airline industry.
Qantas, the flag carrier of Australia, announced this week it was the target of a cyberattack that compromised data belonging to 6 million customers. The airline said it is still investigating the full extent of the data breach, but the impact is expected to be significant. Names, emails, phone numbers, dates of birth, and frequent flyer numbers were exposed. However, credit card information, passport details, PIN codes, and passwords were not stored in the affected system.
A cybercriminal group gained access to a third-party customer service platform, but the airline reports that its systems are now secure. “On Monday, June 30, 2025, we detected unusual activity on a third-party platform used by a Qantas airline contact center. We then took immediate steps and contained the incident,” the airline confirmed.
Qantas is working with government agencies, including the National Cyber Security Coordinator, the Australian Cyber Security Centre, and independent cybersecurity experts. “We have also notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. Given the criminal nature of this incident, the Australian Federal Police has also been notified.”
Recommended Fodor’s Video
Related: If You’ve Flown With a U.S. Airline, the Trump Administration Probably Has Your Data
The identity of the group responsible for the breach has not yet been confirmed, but it comes soon after the FBI warned that a cybercriminal group known as Scattered Spider has been targeting the aviation industry. Hawaiian Airlines and WestJet have also reported recent attacks. The group has been active since 2022 and may be behind more than 100 targeted attacks worldwide, including a data breach against Las Vegas casinos in 2023. In April, the criminals disrupted the Marks & Spencer website; the company anticipates losses of $381 million from the attacks.
Vanessa Hudson, CEO of Qantas Group, apologized for the incident. The airline said it is contacting customers who may be affected by the data breach. A dedicated customer service hotline has been launched for advice and identity protection resources. The company says there is no need to change PINs and passwords at this time, but recommends remaining vigilant. “Check the sender name and sender email address to see if they match or look suspicious, and hover over links to verify them – never click on suspicious links or attachments or scan suspicious QR codes.” To report suspicious activity, customers can call 1800 971 541 or +61 2 8028 0534.
How This Data May Be Used
Experts warn that names and birthdates can be used to impersonate victims to other businesses or to create new accounts. Hackers might open bank accounts with this information, for example. This information may also be sold on the dark web, increasing the risk of identity theft. If an individual uses the same email address for various accounts, those accounts may be targeted as well.
Additionally, individuals are more likely to trust scammers and share financial information if the scammer uses personal details like a date of birth. Remain cautious and do not click on unfamiliar links or scan unknown QR codes. While Qantas stated that frequent flyer accounts were not compromised, the breach has made these accounts more vulnerable. Scammers may attempt to reset account passwords and use frequent flyer points. Customers are encouraged to monitor their accounts and change their passwords as a precaution, researcher Richard Buckland told ABC News. “Presumably, if someone does go in and steal those points or it uses them for things, Qantas is able to reimburse that, so I think it’s just a matter of noticing that that’s happened.”