Qantas Airways Cyberattack Update: Customer Data Released, Security Measures Enhanced

Qantas Airways has confirmed that data stolen during a major cyber incident in July has been released by cybercriminals, marking another blow to the Australian consumers as the country continues efforts to contain the data breach impact. The airline said the Qantas Airways cyberattack stemmed from unauthorized access to a third-party customer service platform used by one of its contact centers.

While flight operations and safety systems were unaffected, personal data belonging to millions of customers was compromised.

Stolen Data Under Court Protection

Qantas Airways obtained a court order from the New South Wales Supreme Court to stop anyone from viewing, sharing, or publishing the stolen data. The injunction applies to all parties, including third-party platforms, and aims to prevent any further spread of the information.

“With the help of specialist cybersecurity experts, we are investigating what data was part of the release,” Qantas said in a statement. The company added that it continues to work closely with the Australian Cyber Security Centre (ACSC) and the Australian Federal Police (AFP) as investigations progress.

The Qantas Airways airline has strengthened its internal systems by implementing additional security measures, expanding team training, and enhancing network monitoring and threat detection capabilities.

5.7 Mn Customers Impacted During Qantas Airways Cyberattack

The cyberattack exposed personal data belonging to an estimated 5.7 million Qantas customers. In response, the airline promptly notified all affected individuals about the nature of the compromised information. According to Qantas, there have been no further changes to the scope of impacted data since the initial disclosure, which involved some personal information but did not include credit card details, personal financial information or passport details.

To support affected customers, Qantas has established a 24/7 support line and continues to offer access to identity protection services. Customers can reach the dedicated helpline via 1800 971 541 or +61 2 8028 0534 and find updates on qantas.com.

Leadership Pay Cut Reflects Accountability

In its annual report released in September, Qantas announced a 15-percentage-point reduction in short-term bonuses for its Group CEO Vanessa Hudson and senior executives. The board said the decision was made to acknowledge the impact of the cyberattack on customers and to reinforce accountability at the highest level.

“Despite the strong performance, the Board decided to reduce annual bonuses by 15 percentage points as a result of the impact the cyber incident had on our customers,” said Qantas Group Chairman John Mullen. “This reflects their shared accountability, while acknowledging the ongoing efforts to support customers and put in place additional protections.”

For Hudson, the cut translates to a reduction of approximately AUD $250,000 in her overall pay package.

Advisory for Customers

Qantas Airways has urged customers to remain cautious of potential scams or phishing attempts. The airline advised travelers to:

• Stay alert to suspicious emails, messages, or calls claiming to be from Qantas.
• Use two-factor authentication wherever possible.
• Keep updated with the latest online threats through the Australian Cyber Security Centre and Scamwatch.
• Never share passwords, financial details, or booking references with unsolicited contacts.

Customers who believe they have been targeted by scammers are encouraged to report incidents to Scamwatch or seek guidance through IDCARE and the Office of the Australian Information Commissioner.