Australian airline Qantas has confirmed that the recent cyberattack compromised data belonging to 5.7 million customers, including frequent flyer numbers, contact information, and—in some cases—personal details like addresses, birth dates, and meal preferences. The company is in contact with Australian Federal Police and said it had also received a message from someone “purporting to be the criminal actor” behind the breach.
Qantas CEO Vanessa Hudson stated that while the airline would not confirm if a ransom demand had been made, the incident remains under criminal investigation. So far, there is no evidence that the stolen data has been published online or leaked onto the dark web. Qantas has offered ID security services to affected customers and said its security systems have since been enhanced.
Breakdown of customer impact
The breach affected a range of data points across the 5.7 million records. Around 1.2 million customers had only their names and email addresses exposed, while 2.8 million had frequent flyer numbers accessed—some with loyalty points and status credits included. A further 1.7 million individuals had more extensive data accessed, including personal contact information and service preferences.
While credit card, password, and passport information were not part of the compromised dataset, Qantas has urged users to remain vigilant against scams. Many customers have since reported suspicious emails and attempted account access, though the airline maintains that these could be from unrelated ongoing phishing attempts common in the cyber threat landscape.
Airline urges vigilance amid forensic review
Qantas is conducting a forensic analysis to determine the full scope of the breach and has pledged to contact affected customers with individual data exposure details. It has also advised users not to respond to messages requesting passwords or PINs and to enable two-factor authentication on personal accounts.
The breach follows a growing list of cyberattacks targeting critical infrastructure and major service providers. As customer trust remains at stake, Qantas has reiterated its commitment to transparency and to learning from the incident to strengthen future resilience.
(Credit: ABC News Australia)
