Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The airline confirms that 5.7 million frequent flyers were impacted, as it begins contacting customers to confirm what personal data was compromised in last week’s data breach.
Qantas has begun the process of contacting its Frequent Flyer customers with the details of exactly how much of their personal data was compromised following a cyber attack on the last day of June.
The national carrier first disclosed the incident on 2 July, making initial contact with customers later that day.
Soon after, Qantas committed itself to contacting customers again with the exact nature of the data impacted by the incident.
“On Monday, 30 June 2025, we detected unusual activity on a third-party platform used by a Qantas Airline contact centre. We took immediate steps and contained the system,” the latest email, sent to customers on 9 July and on behalf of Qantas CEO Vanessa Hudson, said.
“I know this incident has been concerning, and I am deeply sorry for the uncertainty this has caused.”
The email explains that Qantas’ cyber security teams have been investigating the data compromised in the incident, and that they’re now able to confirm that – in the case of the email seen by Cyber Daily – the customer’s name, Qantas Frequent Flyer number, and Frequent Flyer tier were all compromised.
“Our customer records are based on unique email addresses, so if you have multiple email addresses registered with Qantas, you may receive a separate notification to each impacted email address,” the email said.
“There is no evidence that any stolen personal data has been released but, with the support of specialist cyber security experts, we continue to actively monitor.”
Qantas said no passwords or PINs were compromised, Frequent Flyer accounts remain secure, and more information will be available to customers this week.
“To provide our Qantas frequent flyers with further visibility, you will be able to view the types of your data that were held on the compromised system once you are logged into your account,” the email said.
“We expect this capability will be available from later this week.”
At the same time, the airline has also confirmed that the number of customers impacted was 5.7 million. Four million customers have had their name, email address, and Frequent Flyer number compromised. Of this number, 1.2 million records contained a name and email address, while 2.8 million included name, email address and Frequent Flyer number, and, in some cases, their tier.
The breakdown of the remaining 1.7 million customers includes the following:
“Since the incident, we have put in place a number of additional cyber security measures to further protect our customers’ data, and are continuing to review what happened,” Hudson said in an update on the Qantas News Room.
“We remain in constant contact with the National Cyber Security Coordinator, Australian Cyber Security Centre and the Australian Federal Police. I would like to thank the various agencies and the federal government for their continued support.”
Security analysts believe the attack was likely carried out by a hacking collective known as Scattered Spider, which was behind a recent spate of attacks targeting retailers in the United Kingdom.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
