SYDNEY- Hackers have exposed personal data from up to six million Qantas (QF) customers on the dark web after a third-party software vendor refused to meet ransom demands.
The breach can be traced back to a cyberattack targeting Salesforce, a US-based technology provider used by multiple global firms.
The compromised information includes customer names, email addresses, frequent flyer numbers, and, in some cases, dates of birth, addresses, and meal preferences. Qantas, based at Sydney Airport (SYD), has confirmed that frequent flyer accounts remain secure and offered affected customers free credit monitoring services.
Hackers Leak Qantas Customer Data
In late June, Qantas revealed it was among several international companies affected by the breach involving Salesforce’s customer service software.
The same cyberattack impacted other major carriers such as Air France (AF) and KLM Royal Dutch Airlines (KL), as well as luxury brands like Cartier, Louis Vuitton, and Pandora.
Hackers reportedly gave Salesforce a deadline to pay a ransom, threatening to publish the stolen data if unpaid. When the deadline expired, cybersecurity experts in Australia verified that personal information belonging to Qantas customers had been uploaded to dark web forums.
According to PYOK, this breach is part of a wider wave of attacks exploiting vulnerabilities in widely used enterprise software.
The stolen dataset represents a significant privacy risk, with hackers able to access sensitive information that could be exploited for identity theft, phishing, or social engineering attacks.
Qantas Response and Internal Measures
Qantas has reassured customers that no financial details or passwords were compromised and that frequent flyer accounts remain intact.
The airline is providing free access to credit and identity monitoring tools, encouraging passengers to stay alert for suspicious activity linked to their personal data.
To demonstrate accountability, Qantas executives had their annual bonuses reduced by 15%. This decision underscores the carrier’s commitment to improving cybersecurity resilience and transparency after the breach.
Wider Aviation Industry Under Cyber Threat
Qantas is not alone in facing cyberattacks. Air France customers in the US have already filed a class action lawsuit, alleging negligence in safeguarding passenger data.
Earlier this year, the FBI’s Cyber Division warned airlines of heightened risks from hacker groups such as “Scattered Spider,” known for targeting aviation systems through social engineering tactics. These schemes often involve manipulating IT support teams to gain unauthorized access to internal networks.
British Airways (BA), concerned about similar vulnerabilities, temporarily locked out hundreds of staff members from key operational systems while implementing enhanced cybersecurity measures.
Looking Ahead
The Qantas data breach highlights the growing challenge of securing digital infrastructure in aviation.
As airlines depend increasingly on third-party cloud platforms for operations and customer engagement, the industry’s exposure to cyber risks continues to expand.
Strengthening vendor oversight, enforcing multi-layered authentication, and improving staff awareness remain critical steps to protecting passenger data.
