Sydney, July 3, 2025 —
Qantas Airways has launched an urgent investigation into a major cyberattack that has compromised the personal data of approximately six million customers. The breach, which was detected earlier this week, is believed to have occurred through a third-party platform used by the airline.

Breach Detected on Monday

In a statement released Wednesday, Qantas confirmed it had identified “unusual activity” on Monday involving a third-party system. The airline immediately took action to isolate the affected platform and prevent further unauthorized access.

“We took immediate steps to secure our systems and mitigate any potential damage,” a Qantas spokesperson said. “Our cybersecurity team is working closely with external experts and relevant authorities to investigate the incident.”

Scope of the Data Compromise

While the full extent of the breach is still being assessed, initial findings suggest that the hackers accessed personal information, which may include names, email addresses, contact numbers, and frequent flyer details. Payment information and travel histories are not believed to have been affected at this stage.

Qantas said it would directly contact any customers whose sensitive data was confirmed to be compromised.

Customer Concerns Mount

The news has sparked concern among millions of Australians who regularly use Qantas for both domestic and international travel. Cybersecurity experts have warned that even partial data exposure can lead to identity theft and phishing scams.

“Personal details like frequent flyer information can be valuable for cybercriminals, especially if linked to other breached data,” said Professor Angela Li, a cybersecurity analyst at the University of Sydney.

Regulators Notified

Qantas has informed the Australian Cyber Security Centre (ACSC) and the Office of the Australian Information Commissioner (OAIC) as per mandatory data breach notification laws. The airline has pledged full cooperation with authorities throughout the ongoing investigation.

A Pattern of Growing Cyber Threats

This incident adds to a string of high-profile cyberattacks that have hit Australian corporations in recent years, raising serious questions about the security of customer data held by major companies.

Qantas said it is reviewing all partnerships with external vendors and will implement further safeguards to bolster its cyber defenses.

What Customers Can Do

Customers are being urged to remain vigilant and monitor their accounts for any suspicious activity. Qantas has also advised users not to click on unsolicited emails or provide personal information to unverified sources.

A dedicated support line and online resource hub have been established for affected customers seeking guidance.

Ongoing Developments

As the investigation unfolds, Qantas has promised transparency and timely updates to all stakeholders.

“This is a deeply regrettable incident, and we apologize to our customers for the concern it may cause,” the airline stated. “We are doing everything possible to ensure their data is safe and secure.”