6 Million Qantas customers affected in major Cyber attack

Qantas has disclosed a major cybersecurity breach affecting up to 6 million
customers, after cybercriminals gained unauthorised access to a third-party
customer service platform used by its Manila call centre.

While passport and financial details were not compromised, the attackers accessed
names, email addresses, frequent flyer numbers, and dates of birth. Qantas reported
the incident to several Australian authorities, including the Australian Federal Police
and the Australian Cyber Security Centre.

The airline activated its incident response plan, swiftly containing the breach and
introducing additional security measures to tighten access and enhance monitoring.
In a statement on the Qantas website, CEO Vanessa Hudson apologised to
customers and acknowledged the uncertainty the breach may cause. She confirmed
the incident does not affect flight operations or safety systems. Qantas has also
launched a dedicated support line and an information webpage to assist and update
customers.

Qantas is under investigation and may face regulatory action under Australia’s
Privacy Act, with the Office of the Australian Information Commissioner (OAIC) able
to impose heavy penalties for large-scale data breaches.

Law firm Maurice Blackburn is seeking compensation for millions of customers
whose data was stolen in the cyberattack, alleging Qantas failed to take reasonable
steps to protect personal information breaching the Privacy Act.

Source: Up to 6 million hit by Qantas cyber attack by Jessica way and Brendan Kearns The Australian July 2 nd ,
Maurice Blackburn compensation case against Qantas over cyber attack by Robyn Ironside The Australian July 18 th .