Qantas data breach deepens, hackers leak customer info as ransom deadline ends

Published on: Oct 12, 2025 11:00 am IST

Share Via

Copy Link

The stolen information includes email addresses and birth dates, but not financial details. The airline is working with authorities and investigation is on.

Months after data belonging nearly 5.7 million customers of Australian airline Qantas was stolen, the information was leaked on Saturday by hackers, who had reportedly set a ransom deadline for October 10.

Qantas said that it continues to work closely with Australian Government agencies, including the Australian cyber security centre and the Australian federal police.(AFP)

The data was stolen as part of a major cyberattack after hackers targeted one of the airline's customer contact centres. In June, a third-party used computer system in one of Qantas' customer contact centres was breached.

“On 30 June, Qantas detected unusual activity on a third-party servicing platform used by one of its airline contact centres and took immediate steps to secure the system. Qantas is one of a number of companies globally that has had data released by cyber criminals following a cyber incident in early July, where customer data was stolen via a third party platform,” read a statement Qantas' official website.

The Qantas data, which was stolen from a Salesforce database in a major cyber-attack in June, included customers’ email addresses, phone numbers, birth dates and frequent flyer numbers, although it did not contain credit card details, financial information or passport details.

On Saturday the group marked the data as “leaked”, writing: “Don’t be the next headline, should have paid the ransom.”

Qantas said they consulted specialist cyber security experts who are investigating what data was part of the release. It also said it had obtained a legal injunction with the Supreme Court of New South Wales, where the firm is headquartered, “to prevent the stolen data being accessed, viewed, released, used, transmitted or published by anyone, including third parties”.

The airline further said that it continues to work closely with Australian government agencies, including the Australian cyber security centre and the Australian federal police. Additional security measures, increased training across teams and strengthened system monitoring and detection have also been initiated since the incident occurred.

“We will continue to share updates on qantas.com and through our 24/7 support line on 1800 971 541 or +61 2 8028 0534 where customers have ongoing access to specialist identity protection services,” the release further read.

According to a report by The Guardian, the airline is one of more than 40 firms globally caught up in the hack, reported to contain up to 1 billion customer records.

The hacker collective Scattered Lapsus$ Hunters released an extortion note on a data leaks site on the dark web last week, demanding payment in return for preventing the stolen data from being shared.

In the note, the group "asserted responsibility for laying siege to customer Salesforce tenants as part of a coordinated effort to steal data and hold it for ransom", reported news agency AFP.

Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, and Russia get all the latest headlines in one place with including 3I/ATLAS Liveon Hindustan Times.