Qantas Data Breach Exposes Details of 6 Million Customers in Targeted Cyberattack

On June 30, 2025, Qantas, the Australian airline, detected “unusual activity” in a third-party customer service platform used by one of its contact centers.

Approximately 6 million customer records were potentially accessed, including names, email addresses, phone numbers, birth dates, and frequent flyer numbers. Qantas confirmed that financial information, passport details, passwords, PIN numbers, and frequent flyer account credentials remained secure.

The airline states that the breach occurred when a cybercriminal targeted a call center and gained access to a third-party customer servicing platform. This means that the attacker impersonated a Qantas employee and deceived a call center worker into granting access to the system.

Qantas notified affected customers and set up a dedicated support line. The company states that it’s continuing the investigation, working with cybersecurity experts, and strengthening system monitoring and detection.

The breach showed tactics resembling Scattered Spider, a cybercriminal group allegedly composed of young hackers from the US, the UK, and Canada. The group is known for its social engineering techniques, often targeting help desks and IT systems through voice phishing and impersonation.

The Qantas incident follows a series of cyber attacks: Hawaiian Airlines disclosed a breach on June 26, and WestJet reported a cyber incident on June 13. Both incidents, occurring within a short timeframe, are believed to be a coordinated effort by Scattered Spider to target the airline industry.

Cover photo by Josh Withers on Unsplash