Qantas is investigating a major cyberattack after hackers breached a third-party platform containing the personal data of 6 million customers. The airline confirmed that the exposed information includes names, email addresses, phone numbers, birth dates, and frequent flyer numbers, though no financial or passport details were compromised.
Upon detecting unusual activity on Monday, Qantas took immediate action to secure its systems and launched an investigation. The incident has been reported to the police, the Australian Cyber Security Centre, and the national data protection authority.
Qantas Group CEO Vanessa Hudson apologised to customers, affirming the airline’s commitment to protecting personal data. “Our customers trust us with their information, and we take that responsibility seriously,” she said, adding that affected individuals are being contacted and offered support.
The breach adds pressure on Qantas, which is already working to rebuild its reputation following a series of recent controversies, including selling tickets for cancelled flights and lobbying against increased flight access for Qatar Airways.
Meanwhile, the FBI recently warned that a cybercriminal group called Scattered Spider has begun targeting airlines globally, often using social engineering tactics to gain access to sensitive systems for data theft and extortion.
