- Qantas Led a Cyberattack in early June 2025
- A thorough study has now placed the number of persons affected at 5.7 million
- Passwords and Payment Data are safe but Crooks took names, addresses and other PII
Qantas has confirmed sensitive information about 5.7 million customers was ex -filtered in the recent cyberattack, the link.
Australia’s largest airline said it recently discovered an intrusion after a threat actor targeted a call center and gained access to a third -party customer service platform. Originally claimed that six million people were affected, Qantas has now come up with more precise numbers.
In a press release published on the company’s website, it said the striker took four million customer names, E -mail addresses and Qanta’s frequent flyer information. For the remaining 1.7 million, they also stole mailing addresses, birth dates, phone numbers, gender and meals.
Spread spider
Credit card information, personal financial information, passport information and passwords, pins and other login information were not compromised as the data was not even contained by the company, Qantas confirmed.
It said it had begun to notify the customers concerned about the violation and called on them to remain vigilant and independently verify the identity of unsolicited callers.
The company did not say who the threat actors were or if they tried to implement ransomware.
However, the incident shares many similarities to other attacks recently made by the group known as scattered spider, an economically motivated hacking group known for targeting large American companies using social engineering and SIM swing techniques.
This group has not yet taken responsibility for this attack – but in recent weeks there have been several reports that airlines are being hit by cyberattacks, with Hawaiian Airlines confirmed that he was suffering an attack and both Westjet and Globalx suffering the same fate recently. The FBI even released advice that warned US companies about scattered spider activities.
At the time of the press, there was no evidence that the stolen data were released to nature. Still, Qantas said it continues to “actively monitor” the Internet using specialized cybersecurity experts.
