Hack hits Australian airline Qantas, leaks data of 5.7 million customers online

Australian airline Qantas confirmed on Sunday that highly sensitive personal information belonging to 5.7 million customers has been leaked online. The data, stolen during a major cyberattack earlier this year, is part of a wider security breach that has compromised dozens of global corporations.

The airline’s announcement comes after hackers reportedly posted the stolen data to the dark web over the weekend, following a ransom deadline. The breach originated from a security failure at Salesforce, a third-party software firm Qantas uses for a customer contact centre system.

Qantas is one of many high-profile victims in the coordinated attack.

Corporations including Disney, Google, IKEA, Toyota, McDonald’s, and fellow airlines Air France and KLM are also reported to have had customer data stolen from Salesforce. The information is now being held for ransom by the cybercriminals.

More from World

China slams US's 'double standards' after Trump imposed 100% tariffs on Beijing Malala Yousafzai opens up on flashbacks to Taliban shooting after smoking bong at Oxford

Salesforce previously acknowledged “extortion attempts by threat actors” this month. Qantas first confirmed in July that a system used by a third party—now identified as Salesforce—was breached, giving hackers access to customer names, email addresses, phone numbers, and  birthdays.

Crucially, the airline reiterated that credit card details and passport numbers were not stored in the compromised system.

Legal action taken

Qantas released a statement saying it is “investigating what data was part of the release” with the help of specialist cybersecurity experts. The company also announced it has secured a legal injunction from the Supreme Court of New South Wales to prohibit anyone from accessing, viewing, or publishing the stolen data.

Cybersecurity analysts have linked the hack to individuals connected to an alliance of cybercriminals known as Scattered Lapsus$ Hunters.

The group reportedly “asserted responsibility for laying siege to customer Salesforce tenants as part of a coordinated effort to steal data and hold it for ransom,” according to research group Unit 42.

Impact Shorts

More Shorts

As Trump counts down govt shutdown, Congress leaders blame one another for fund deadlock

India must factor nuclear threats into its security calculus: CDS Chauhan

Experts believe the hackers used a social engineering technique, where they manipulated customer support employees by posing as trusted IT staff to gain access to sensitive data—a tactic the FBI warned about last month.

The Qantas breach is the latest in a series of big cyberattacks that have jolted Australia. In recent years, the nation has seen major incidents, including a 2023 hack on DP World, which temporarily crippled ports handling 40% of Australia’s freight trade, and a 2022 breach of a major private health insurer by Russia-based hackers, accessing the data of over nine million customers.

Qantas says it has had no further breaches since July and is fully cooperating with Australian security services.