<
div id=””>
).webp)
ReutersQantas has been in touch with its customers after its third-party customer service platform was the target of a cyberattack.
On 30 June, “unusual activity” was noticed by Qantas on a platform that its contact centre uses to store the personal data of around six million individuals, including names, email addresses, phone numbers, birth dates, and frequent flyer numbers.
Qantas immediately took “immediate steps and contained the system” once the breach was detected, according to a statement.
The precise extent of the data breach is being investigated by Qantas, but the airline anticipates that a “significant portion” of customers’ information was stolen.
The public should be reassured that crucial information, such as passport and credit card details, as well as personal financial information, were not held in the compromised system and no frequent flyer accounts, passwords, or PIN numbers have been compromised.
Qantas has informed the Australian Federal Police, the Australian Cyber Security Centre, as well as the Office of the Australian Information Commissioner of the breach.
“We sincerely apologize to our customers and are aware of the uncertainty this will cause,” Qantas Group CEO Vanessa Hudson stated.
She encouraged customers to contact the dedicated assistance line if they had any concerns and confirmed that Qantas’ operations and the airline’s safety would not be impacted.
This cyberattack is just one in a series of data breaches that have occurred in Australia this year, with significant leaks affecting AustralianSuper and Nine Media in the last few months.
In March 2025, the Office of the Australian Information Commissioner (OAIC) disclosed figures showing that 2024 was the worst year for data breaches in Australia since record-keeping began in 2018.
“The trends we are observing suggest the threat of data breaches, particularly through the efforts of malicious actors, is unlikely to diminish,” stated Australian Privacy Commissioner Carly Kind in an OAIC release.
Ms. Kind advised businesses and government agencies to improve their security measures and data protection and emphasized that both the public and private sectors are susceptible to cyberattacks.
