Qantas to tell hacking victims details of specific data stolen

In an update, the airline also revealed it had implemented additional security measures and said it was working with experts to “forensically analyse” the impacted system.

The incident on Monday saw cybercriminals target a Qantas call centre, which gave them access to 6 million customer records, including names, email addresses, and phone numbers.

While no group has come forward to claim responsibility, reports have suggested that a hacking collective known as Scattered Spider may be behind the attack.

“Next week we will be in a position to update affected customers on the types of their personal data that was contained in the system,” Qantas said in a statement.

“This will confirm specific data fields for each individual, which will vary from customer to customer.

“We have also increased resourcing in our contact centres to support our customers and have received more than 5,000 enquiries through our dedicated customer support line established following the cyber incident.

VIEW ALL

“Since Wednesday morning, the airline has communicated directly with its frequent flyers to notify them of the incident and to apologise that this has occurred. Frequent flyers who have not received this email should check their spam or junk folder.”

Qantas also reiterated that no credit card details, personal financial information or passport details were stolen and said there was no impact on Frequent Flyer accounts.

Vanessa Hudson, facing one of her first major crises as chief executive, said she understood that data breaches could feel “deeply personal” and acknowledged the “genuine concern” this creates for customers.

“Right now we’re focused on providing the answers and transparency they deserve,” she said.

“Our investigation is progressing well with our cybersecurity teams working alongside leading external specialists to determine what information has been accessed.

“We’re finalising a process that will enable us to provide affected customers with more information about their personal information that was potentially compromised.

“We are treating this incredibly seriously and have implemented additional security measures to further strengthen our systems. Our customers can be assured that we have the right expertise and resources dedicated to resolving this matter thoroughly and effectively.

“I want to apologise again for the uncertainty this has caused. We’re committed to keeping our affected customers informed with regular updates as our investigation progresses.”

The update comes after cyber security company Darktrace told Australian Aviation’s sister brand Cyber Daily that the breach bears the fingerprints of hacking collective Scattered Spider.

Tony Jarvis, a chief information and security officer for the business, said Scattered Spider claimed responsibility for attacks against America’s Hawaiian Airlines and Canada’s Westjet last week.

“Scattered Spider are thought to be native English speakers who don’t just exploit technical vulnerabilities but manipulate people, especially IT help desks, through phishing, Multi Factor Authentication (MFA) bombing, and SIM swapping to gain access,” Jarvis said.

“The unfortunate thing is that this sort of third-party attack is not unique. It is just one more example of why cybersecurity is a fundamental business priority across the entire supply chain – especially when defending against highly targeted tactics that bypass traditional security measures.

“How significant the impact will be to Qantas’ operations – across both digital and physical channels – and the damage to its brand and reputation remains to be seen.”