14 hours Ago
Initial indications are that a significant amount of personal data may have been accessed. Qantas said names, phone numbers, email addresses, dates of birth, and frequent flyer numbers were among the information that was accessed. But the breach did not encompass sensitive information such as credit card numbers, financial information, or passport numbers.
Security Measures and Apology Issued
Qantas said it had put in place extra security measures to avoid similar breaches. The information has been reported to the Australian Cyber Security Centre, police, and the Office of the Australian Information Commissioner.
Vanessa Hudson, Qantas Group Chief Customer Officer, publicly apologized to impacted customers. “Our customers entrust us with their most personal information, and we take that responsibility very seriously,” she said. “The reports that Qantas is in meaningful recovery discussions with investors are simply inaccurate,” Hudson said in a statement, adding that Qantas was communicating with customers and providing assistance directly.
Breach Comes After Previous Struggles for Qantas
The data breach is ill-timed for Qantas, which is already dealing with reputational damage resulting from the COVID-19 pandemic. Previous battles have focused on selling tickets for cancelled flights and stopping Qatar Airways from growing.
Qantas had fallen from 17th place in the 2024 World Airline Awards to 24th but had put up a good fight this time around – the airline had climbed 10 places in the 2025 rankings. At the airline, Alan Joyce, stepped down from his position as CEO in 2023 — two months ahead of schedule — to help the carrier with its renewal efforts.
Separately, the United States FBI recently cautioned that a hacking group called Scattered Spider has broadened its targets to airlines. The group is notorious for posing as employees or contractors in order to deploy ransomware and steal sensitive files to extort payment.
