SINGAPORE, 4 July 2025: Qantas confirmed on Wednesday that a cyber incident occurred in one of its contact centres, impacting customer data.
“The system is now contained,” the airline assured passengers in an announcement released on 2 July.
It read: “We understand this will be concerning for customers. We are currently contacting customers to make them aware of the incident, apologise and provide details on the support available.”
The airline stated that the incident occurred when a cybercriminal targeted a call centre and gained access to a third-party customer service platform. However, it affirmed there was no impact on Qantas’ operations or the safety of the airline.
Qantas detected unusual activity on a third-party platform used by the airline’s contact centre. It took immediate steps and contained the system.
There are 6 million customers with service records on the compromised platform.
The airline reports it is continuing to investigate the proportion of the data that has been stolen, “though we expect it will be significant.”
An initial review has confirmed the data includes some customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers.
Credit card details, personal financial information and passport details were not deposited in the hacked system. No frequent flyer accounts, passwords, PINs or login details were compromised. Qantas has in place a multi-factor authentication for its frequent flyer accounts using SMS or an authentication app.
Qantas has initiated an investigation and is implementing additional security measures to restrict access and enhance system monitoring and detection.
Qantas has notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. Given the criminal nature of this incident, the Australian Federal Police has also been notified. We will continue to support these agencies as the investigation continues.
Qantas Group Chief Executive Officer Vanessa Hudson said: “We sincerely apologise to our customers and we recognise the uncertainty this will cause. Our customers trust us with their personal information, and we take that responsibility seriously.
“We are contacting our customers today, and our focus is on providing them with the necessary support. “We are working closely with the Federal Government’s National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts.”
