
Qantas Confirms Contact from Cybercriminal After Massive Data Leak

Data breach down under.
Lily Morris
Contributing Writer

Qantas, one of the world’s most recognized airlines, is under fire after confirming a major data breach that may have exposed personal information belonging to as many as six million customers.

The breach was traced back to a third-party customer service platform used by the airline’s call center, not Qantas’ core IT systems. The compromised data includes customer names, email addresses, phone numbers, dates of birth, and frequent flyer numbers.

Although no credit card, passport, or financial data was stolen, the leak still presents serious risks for affected individuals, particularly through potential identity theft or phishing scams.

Since disclosing the incident, Qantas has revealed that someone claiming to be behind the attack has contacted the airline. That contact is currently under investigation by the Australian Federal Police.

Qantas has also brought in cybersecurity specialists to analyze the breach and reinforce affected systems. At this point, no further malicious activity has been detected, and the airline maintains that flight operations remain unaffected.

However, this breach is part of a troubling trend in the aviation sector, which has seen a sharp increase in cyberattacks attributed to groups like Scattered Spider.

Why It Matters: This incident exposes a critical vulnerability in modern cybersecurity. Companies that depend on third-party service providers to handle customer data are especially at risk. Even with strong internal security, a vendor’s weakness can still compromise millions of records.

  • The Entry Point Wasn’t Qantas Directly: The hackers exploited a vulnerability in a vendor-operated platform used by the airline’s customer service team, which held large volumes of customer data. By targeting the outsourced vendor, the attackers accessed millions of customer records without breaking through Qantas’ internal cybersecurity defenses.
  • The Stolen Data: Qantas confirmed that the attackers gained access to customer names, email addresses, phone numbers, birth dates, and frequent flyer numbers. Although no credit card details, passport numbers, or login credentials were accessed, the stolen data can still be used to impersonate individuals or exploit loyalty programs for further scams.
  • A ‘Potential Cybercriminal’ Has Reached Out: Qantas reported that someone claiming responsibility for the breach contacted the airline less than a week after the breach was discovered. The nature of the contact has not been publicly disclosed, and it is not yet clear whether a ransom demand was made. The Australian Federal Police are now involved, and Qantas is working with them to determine if the communication is genuine.
  • Scattered Spider Likely Involved: Cybersecurity analysts say this breach bears the typical signs of activity by Scattered Spider, a well-known group responsible for recent attacks on other airlines and major retailers. Their known tactics include stealing employee credentials, exploiting support systems, and launching sophisticated social engineering campaigns.
  • Industry-Wide Warning: Cybercriminals are increasingly targeting third-party vendors and external service providers. These partners often have access to large amounts of customer data but may not have equally strong defenses. Experts warn that this trend is growing, and that companies need real-time visibility into how their partners manage data and secure access.

Go Deeper -> Qantas data breach exposes up to six million customer profiles – BBC

Qantas ‘contacted by potential cybercriminal’ after attack on data of up to 6 million customers – ABC News

Qantas Contacted by Potential Cybercriminal Following Data Breach – Infosecurity

Qantas Confirms Cyber Incident Affecting Up To 6 Million Customer Records – Information Security Buzz
