AseanPlus News

Australian airline Qantas says millions of customers' data leaked online

FILE PHOTO: A Qantas logo is visible on the tail of an aeroplane at an airport in Sydney, Australia, September 18, 2025. The hackers had reportedly set an October 10 deadline for ransom payment. -Reuters

SYDNEY: Australian airline Qantas said Sunday that data from 5.7 million customers stolen in a major cyberattack this year had been shared online, part of a leak reportedly involving dozens of firms.

Qantas said in July that hackers had targeted one of its customer contact centres, breaching a computer system used by a third party.

They secured access to sensitive information such as customer names, email addresses, phone numbers and birthdays, the blue-chip Australian company said.

Credit card details and passport numbers were not kept in the system, Qantas stressed at the time.

AFP understands the third-party involved is software firm Salesforce, which said last week that it was "aware of recent extortion attempts by threat actors".

The hackers have also obtained stolen data from dozens of other companies including Disney, Google, IKEA, Toyota, McDonalds and fellow airlines Air France and KLM.

"Qantas is one of a number of companies globally that has had data released by cyber criminals following the airline's cyber incident in early July, where customer data was stolen via a third party platform," the company said in a statement.

"With the help of specialist cyber security experts, we are investigating what data was part of the release," it added.

It also said it had obtained a legal injunction with the Supreme Court of New South Wales, where the firm is headquartered, "to prevent the stolen data being accessed, viewed, released, used, transmitted or published by anyone, including third parties".

Cybersecurity analysts have linked the hack to individuals linked to an alliance of cybercriminals called Scattered Lapsus$ Hunters.

Research group Unit 42 said in a note the group had "asserted responsibility for laying siege to customer Salesforce tenants as part of a coordinated effort to steal data and hold it for ransom".

The hackers had reportedly set an October 10 deadline for ransom payment.

Threat intelligence platform FalconFeeds said on X the customer data had been posted on the dark web over the weekend.

Vietnam Airlines, clothing giant Gap and Japanese multinational Fujifilm also had data leaked, it said.

The hackers reportedly stole the sensitive data using a social engineering technique, referring to a tactic of manipulating victims by pretending to be a company representative or other trusted person. - AFP

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
Australia , Qantas , millions of customers' data leaked online

Next In Aseanplus News
Controlled disposal of WWII bomb to be held at Changi Airport work site on April 2 morning
Spreading fake news during crisis is a betrayal of the nation, says Anwar
Lancang-Mekong cooperation brings safe drinking water to Lao village
Indonesia's Mt Semeru records 16 eruptions in six hours
Myanmar imposes fishing ban during spawning season to protect aquatic resources
Thailand to force cannabis shops into medical model as numbers plunge
Police raid Cambodian online gambling den in Medan, detain 19
Chinese nationals nabbed for using fake Mexican passport, three others detained
Over 10 months’ jail for Singapore man who misappropriated more than S$78,000 in temple donations
Exclusive: Pakistan and Afghan Taliban resume talks in China as Beijing seeks ceasefire

Trending in AseanPlus

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.