🦘 Qantas Cyber‑Attack: Up to 6 Million Aussies at Risk—What You Need to Know

Name: computer repairers
Brand: The Original PC Doctor
Rating: 4.8 (1226 reviews)

Cyber-attacks on Australian businesses are surging—and 2025 is on track to be a record-breaking year. According to the Australian Cyber Security Centre, over 94,000 cyber incidents were reported in the past 12 months, with the average cost to a business now topping $46,000 per breach. Data breaches are no longer rare headlines—they’re hitting home for millions. The latest victim? Our very own national carrier, Qantas.

What Happened in the Qantas Breach?

Qantas, Australia’s largest airline, has confirmed a major cyber-attack affecting up to six million customers. The breach targeted a third‑party customer service platform used by a Qantas call centre. Personal information—such as names, birth dates, email addresses, phone numbers, and frequent flyer numbers—was exposed. Thankfully, no financial or passport data was compromised.

The affected platform was managed by a third-party vendor.
Up to six million user records are at risk, with investigations ongoing.
Financial, passport, and password data were protected by system segmentation.

Who’s Behind It? The Scattered Spider Group

Investigators suspect the notorious “Scattered Spider” cybercrime group, who are known for targeting the aviation and retail sectors using social engineering tactics.

How Did Qantas Respond?

CEO Vanessa Hudson publicly apologised and reaffirmed Qantas’s commitment to improving data security.
Qantas is working with the ACSC, OAIC, AFP, and leading cybersecurity experts.
A hotline and dedicated webpage were launched for affected customers.
Qantas shares dropped by 3–3.5% after the announcement.

What Are the Risks to Customers?

If your data was leaked, you could be targeted by:

Phishing or spear-phishing campaigns (fake emails or texts pretending to be Qantas)
Social engineering attacks (scammers manipulating you to reveal more information)
Identity verification fraud (using your details to open accounts or commit fraud)

Tip: Always verify communications from companies, and never click links or give out information if you’re not 100% sure it’s legit.

What You Should Do Next

Be wary of any message claiming to be from Qantas.
Do not click links or share personal details with unverified contacts.
Enable multi-factor authentication wherever possible.
Monitor your accounts for unusual activity.

Need more tips on staying safe? Read: Cybersecurity Tips for Small Businesses in 2025.

How Can Qantas (and All Aussie Businesses) Do Better?

Rigorously assess third-party and vendor cybersecurity.
Increase the frequency and depth of risk assessments.
Embrace zero-trust and network segmentation models.

Regulators and industry must push for stronger supply chain security and updated legislation to keep up with evolving threats.

Australia’s Growing Data Breach Problem

The Qantas hack joins a growing list of recent high-profile breaches—including Optus and Medibank—that have exposed millions of Australians. These incidents highlight the urgent need for both industry and individuals to take cybersecurity seriously.

Stay vigilant, stay informed, and don’t let cyber-criminals catch you off guard. For the latest updates on cyber-attacks, scams, and practical cybersecurity advice, visit our Cybersecurity Blog Archive.

Content Created on 02/07/2025 by
John Pititto
Managing Director, The Original PC Doctor

Embark on a journey of connection and joy! Share this page with your loved ones on your favourite digital platform. Click one of the icons below and let the magic of sharing begin!