![No further breaches have taken place since and the company is cooperating with Australian security services [File] | Photo Credit: REUTERS](https://newspage360.com/wp-content/uploads/2025/10/2025-09-18T012013Z_1289781846_RC21UGAHBGAT_RTRMADP_3_AUSTRALIA-QANTAS-1068x601.jpg "No further breaches have taken place since and the company is cooperating with Australian security services [File] | Photo Credit: REUTERS")
Qantas Data Breach: 5.7 Million Customers Affected in Global Cyberattack
Australian airline Qantas has confirmed that personal data of 5.7 million customers stolen in a July cyberattack has been leaked online. The breach occurred through a third-party Salesforce platform and is part of a larger global attack affecting companies including Disney, Google, IKEA, Toyota, McDonald’s, Air France, and KLM.
Key Details of the Breach
The compromised information includes:
- Customer names, email addresses, and phone numbers
- Frequent flyer details and meal preferences
- Some business or home addresses and dates of birth
Qantas confirmed that no credit card details, financial information, or passport data were affected in the breach.
Legal Action and Expert Response
The airline obtained a legal injunction from the Supreme Court of New South Wales to prevent the stolen data from being “accessed, viewed, released, used, transmitted or published.” However, cybersecurity expert Troy Hunt called the measure “frankly ridiculous,” noting it would have little effect on preventing data spread internationally.
“It obviously doesn’t stop criminals at all anywhere, and it also really doesn’t have any effect on people outside of Australia,” Hunt told AFP.
Global Impact and Hacker Connections
Cybersecurity analysts have linked the attack to the Scattered Lapsus$ Hunters group, which reportedly set an October 10 ransom deadline. The hackers used social engineering techniques, posing as IT workers to trick customer support employees into granting data access.
Google confirmed one of its corporate Salesforce servers was targeted but didn’t confirm if data was leaked. “Google responded to the activity, performed an impact analysis and has completed email notifications to the potentially affected businesses,” said Melanie Lombardi, head of Google Cloud Security Communications.
Growing Cybersecurity Concerns
The Qantas breach follows other major Australian cyber incidents, including last year’s mobile app glitch that exposed passenger data and the 2023 DP World port hack that halted 40% of Australia’s freight trade.
