Security
Qantas has disclosed a significant cyber incident involving a third-party contact centre platform, resulting in a major data breach affecting customer information. Detected on June 30, 2025, the airline took immediate steps to contain the threat and confirmed that core Qantas systems remain secure.
The breach, which targeted a customer servicing system, exposed names, emails, phone numbers, dates of birth, and Frequent Flyer numbers. Qantas emphasized that no passwords, financial data, or passport information were compromised, and Frequent Flyer accounts remain secure. The airline is currently reaching out to affected customers with apologies and support options.
Cybersecurity experts suspect that the attack bears similarities to recent breaches executed by the Scattered Spider ransomware group, known for attacking airlines like Hawaiian Airlines and Canada's WestJet, and UK retailer Marks & Spencer. These hackers often use social engineering tactics, such as phishing, MFA bombing, and SIM swapping, to gain access, bypassing traditional cybersecurity measures.
Tony Jarvis, Field CISO at Darktrace, noted that the breach underscores the growing risks from third-party vendors and the importance of making cybersecurity a business-wide priority, especially across the supply chain. He added that the full impact on Qantas’ digital operations and brand reputation is yet to unfold.
Qantas stated that while the incident has been contained, the investigation is ongoing, and the volume of compromised data is expected to be significant. The company is collaborating with government agencies and independent cybersecurity experts to further assess and mitigate the breach.
Qantas reassured customers that airline operations remain unaffected, and there is no risk to flight safety. The incident highlights the urgent need for stronger third-party cybersecurity protocols in aviation and beyond.
The breach, which targeted a customer servicing system, exposed names, emails, phone numbers, dates of birth, and Frequent Flyer numbers. Qantas emphasized that no passwords, financial data, or passport information were compromised, and Frequent Flyer accounts remain secure. The airline is currently reaching out to affected customers with apologies and support options.
Cybersecurity experts suspect that the attack bears similarities to recent breaches executed by the Scattered Spider ransomware group, known for attacking airlines like Hawaiian Airlines and Canada's WestJet, and UK retailer Marks & Spencer. These hackers often use social engineering tactics, such as phishing, MFA bombing, and SIM swapping, to gain access, bypassing traditional cybersecurity measures.
Tony Jarvis, Field CISO at Darktrace, noted that the breach underscores the growing risks from third-party vendors and the importance of making cybersecurity a business-wide priority, especially across the supply chain. He added that the full impact on Qantas’ digital operations and brand reputation is yet to unfold.
Qantas stated that while the incident has been contained, the investigation is ongoing, and the volume of compromised data is expected to be significant. The company is collaborating with government agencies and independent cybersecurity experts to further assess and mitigate the breach.
Qantas reassured customers that airline operations remain unaffected, and there is no risk to flight safety. The incident highlights the urgent need for stronger third-party cybersecurity protocols in aviation and beyond.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
