Cybercriminals have hit Qantas in a major data breach that exposed information from up to six million customers. Airline data breaches are on the rise, putting millions of travelers at risk. The Qantas incident underscores how vulnerable personal information can be. The FBI recently warned that a hacking group called Scattered Spider is actively targeting airlines and the transportation sector. So, what should you do if your data was compromised, and how can you protect yourself moving forward?
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER.
On June 30, 2025, Qantas found unusual activity on a third-party customer service platform. Hackers broke into this system and took personal information, such as names, email addresses, phone numbers, dates of birth, and frequent flyer numbers.
Qantas confirmed that hackers did not access credit card details, financial information, or passport data. The airline quickly stopped the breach and began telling affected customers. We reached out to Qantas for comment. They referred us to their official update, which says the system remains secure. No one compromised frequent flyer accounts or passwords. Qantas also reports no further threat activity. The airline is working with cybersecurity experts and government authorities to investigate. They have added new security measures to protect customer data and frequent flyer accounts.
The timing is alarming. Just days before the breach, the FBI warned that Scattered Spider, a hacking group known for its social engineering and ransomware tactics, was targeting airlines. This group has been linked to attacks on Hawaiian Airlines and WestJet.
Chris Borkenhagen, a seasoned cybersecurity leader who serves as CISO & Chief Digital Officer at AuthenticID and brings over two decades of experience protecting digital identities, explains: