Qantas Cyber Attack Exposes Data of 5.7 Million Customers

Qantas data breach customer data protection cybersecurity data exposure identity theft prevention
Deepak Gupta
Deepak Gupta

Co-founder/CEO

 
October 13, 2025 3 min read

TL;DR

This article covers the recent Qantas data breach affecting 5.7 million customers due to a hack involving Salesforce. It discusses the compromised data, customer notifications, and the airline's response measures, including enhanced security protocols and customer support initiatives.

Data Breach Details

Qantas is facing significant scrutiny following the exposure of personal information of 5.7 million customers on the dark web. The breach is linked to a hack involving Salesforce, where approximately 1 billion records were stolen from various companies, including Qantas, Disney, and IKEA. The hacker group Scattered Lapsus$ Hunters executed the attack by posing as legitimate employees and contacting IT desks of the affected companies.

Image

Image courtesy of Source

Home Affairs and Cyber Security Minister Tony Burke emphasized that Qantas would be held accountable for the breach, even though the data was released outside of Australia. Burke stated, “You can outsource parts of your business, but you don't outsource the law.” The compromised data includes customers' dates of birth, emails, and frequent flyer numbers.

A Qantas Airbus A330-202 plane

Image courtesy of Source

Customer Notification and Impact

Qantas has confirmed it proactively notified customers about the types of personal data impacted. The airline has reassured customers that credit card details and passport numbers were not compromised during the breach. Qantas is working with the Australian Cyber Security Centre and the Australian Federal Police to address the situation and investigate further.

CANBERRA, AUSTRALIA - OCTOBER 09: Minister for the Arts, Minister for Home Affairs, Minister for Cyber Security

Image courtesy of Source

Qantas has established a dedicated customer support line to assist affected individuals. Customers are advised to remain vigilant against potential scams, especially those impersonating Qantas representatives. The airline also recommends using two-step authentication for personal accounts and staying informed about the latest cybersecurity threats.

QANTAS A321XLR FLEET TAKES TO THE SKIES

Image courtesy of Source

Security Measures and Recommendations

In response to the breach, Qantas has implemented additional security measures, including enhanced monitoring and detection systems. The airline is also providing customers with access to specialist identity protection services. Qantas has previously issued a general warning to all Australians to be cautious of unexpected calls and messages.

Vanessa Hudson stands in front of Qantas plane

Image courtesy of ABC News

Customers are advised to take specific precautions, such as independently verifying the identity of callers claiming to be from Qantas and avoiding sharing personal information. Qantas encourages customers to report any suspicious activity to Scamwatch.

Qantas Departure sign outside airport terminal

Image courtesy of ABC News

The airline is also conducting a forensic analysis of the compromised data to understand the full scope of the breach. Qantas is sending emails to affected customers with detailed information about the exposed data and the steps they should take.

A thumb gripping a red Qantas Frequent Flyer card

Image courtesy of ABC News

Ongoing Investigation and Customer Support

The Australian Federal Police are leading the investigation into the breach, and Qantas is cooperating fully with authorities. Qantas has also engaged independent cybersecurity experts to assess the situation. Customers can contact Qantas through their dedicated support line for assistance and to inquire about their personal data.

Qantas logo on Sydney Airport terminal glass

Image courtesy of ABC News

In summary, Qantas is actively managing the fallout from the data breach, focusing on customer safety and enhancing their security measures to prevent future incidents.

Deepak Gupta
Deepak Gupta

Co-founder/CEO

 

Cybersecurity veteran and serial entrepreneur who built GrackerAI to solve the $500K content marketing waste plaguing security companies. Leads the mission to help cybersecurity brands dominate search results through AI-powered portal ecosystems.

Related News

Enhancing Omnichannel Strategies with Engaging Video Content
CTV marketing

Enhancing Omnichannel Strategies with Engaging Video Content

Discover how Connected TV (CTV) is revolutionizing omnichannel marketing. Learn strategies to integrate CTV for amplified reach and engagement. Boost your campaign performance today!

By Deepak Gupta January 20, 2026 6 min read
common.read_full_article
2025 B2B Cybersecurity Marketing Trends & Digital Transformation Insights
B2B cybersecurity marketing

2025 B2B Cybersecurity Marketing Trends & Digital Transformation Insights

Discover key B2B cybersecurity marketing trends for 2025, including shifts in customer acquisition, GEO optimization, and digital transformation insights. Boost your strategy today!

By Hitesh Kumawat January 19, 2026 3 min read
common.read_full_article
Marketing Leaders' Predictions: Key Trends for 2026
AI marketing

Marketing Leaders' Predictions: Key Trends for 2026

Navigate the evolving AI marketing landscape of 2026. Discover essential strategies, the rise of AI shopping agents, search decentralization, and how to cut through the noise. Get ahead – read now!

By Diksha Poonia January 16, 2026 3 min read
common.read_full_article
Irish EdTech Firms Secure €1M and €26M for AI Skills and Growth
AI skills certification

Irish EdTech Firms Secure €1M and €26M for AI Skills and Growth

Irish startup AICertified secures €1M to create a unified, trusted standard for AI skills certification. Discover how they're tackling the fragmented AI training market. Learn more!

By Hitesh Kumar Suthar January 15, 2026 3 min read
common.read_full_article