Qantas has confirmed that personal information belonging to 5.7 million customers has been leaked online following a cyberattack that targeted the airline in July.
The company said the data breach occurred through a third-party platform used by one of its customer contact centers.
The Australian carrier stated that it is among several global companies affected by the same incident. The breach exposed sensitive data, including customer names, email addresses, phone numbers, and dates of birth. Qantas said cybersecurity experts are working to determine the scope and impact of the leak and to identify which specific information was disclosed.
Qantas Investigates Data Breach Impact
“Qantas is one of a number of companies globally whose data has been disclosed by cybercriminals following the cyber incident that affected the airline in early July, in which customer data was stolen through a third-party platform,” the company said in a statement.
The airline had initially reported the attack in July, revealing that hackers gained unauthorized access to a system used by a third-party service provider that handles customer contact operations. The intrusion compromised customer information but did not affect Qantas’ flight operations or core booking systems, according to earlier company updates.
“With the help of cybersecurity specialists, we are investigating which data was subject to disclosure,” said Qantas in its most recent statement. The airline emphasized that its cybersecurity teams continue to assess the exposure and take steps to protect affected customers where possible.
Legal Action and Ongoing Cybersecurity Measures
In response to the leak, Qantas has obtained a legal injunction from the Supreme Court of New South Wales, where the company is headquartered. The injunction seeks to prevent the stolen data from being “accessed, viewed, disclosed, used, transmitted, or published by anyone, including third parties.”
The company said it is cooperating with authorities and cybersecurity professionals to contain the breach and minimize potential harm. Qantas has also notified relevant regulators and is working to ensure that impacted customers are informed as the investigation continues.
The July attack is part of a growing wave of cyber incidents targeting airlines and service providers worldwide, as hackers exploit third-party systems that manage customer information. Data breaches of this scale have raised renewed concerns over the aviation industry’s digital infrastructure and the protection of sensitive personal data.
Qantas reiterated its commitment to strengthening data security and said further updates will be provided once the internal review is complete. The company urged customers to remain vigilant against potential phishing or fraudulent activity linked to the incident.
Top Photo Credit: Frame Stock Footage / Shutterstock.com
