Qantas says hit by ‘significant’ cyberattack
A ground worker walking near a Qantas plane is seen from the international terminal at Sydney Airport in Australia. The Australian airline has been hit by a “significant” cyberattack. REUTERS/Loren Elliott/file photo/File Photo/File Photo
SYDNEY, Australia – Australian airline Qantas said Wednesday it was investigating a “significant” cyberattack, after hackers infiltrated a system containing sensitive data on six million customers.
Qantas said hackers had targeted one of its customer contact centers, breaching a computer system used by a third party.
They had access to sensitive information such as customer names, email addresses, phone numbers and birthdays, the blue-chip Australian company said.
READ: Cyberattacks cost half of Asia-Pacific industrial firms $1M
“There are 6 million customers that have service records in this platform,” the company said in a statement.
“We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant.”
Credit card details and passport numbers were not kept in the system, Qantas added.
“There is no impact to Qantas’ operations or the safety of the airline.”
Chief executive Vanessa Hudson said Qantas had notified Australia’s National Cyber Security Coordinator.
“We sincerely apologize to our customers and we recognize the uncertainty this will cause,” she said.
“Our customers trust us with their personal information and we take that responsibility seriously.”
Qantas apologized in 2024 after a glitch with its mobile app exposed some passengers’ names and travel details.
A string of major cyberattacks have in recent years raised concerns about the protection of Australians’ personal data.
Major ports handling 40 percent of Australia’s freight trade ground to a halt in 2023 after hackers infiltrated computers belonging to operator DP World.
Russia-based hackers in 2022 breached one of Australia’s largest private health insurers, accessing the data of more than nine million current and former customers.
The same year telecom company Optus suffered a data breach of similar magnitude in which the personal details of up to 9.8 million people were accessed.
