- Qantas underwent a cyber attack in early June 2025
- An in -depth survey has now placed the number of people affected at 5.7 million
- Passwords and payment data are safe, but crooks have taken names, addresses and other PIIs
Qantas has confirmed that sensitive information out of 5.7 million customers has been exfiltrated in the recent cyber attack it has undergone.
The largest airline in Australia said it recently spotted an intrusion after a threat player targeted a call center and access a third-party customer service platform. Initially saying that six million people have been affected, Qantas has now appeared with more specific figures.
In a press release published on the company’s website, he said that the attackers had taken four million client names, email addresses and Details of Freetent Flyer. For the remaining 1.7 million, they also stole postal addresses, birth dates, telephone numbers, sex and meal preferences.
Scattered spider
The details of the credit card, personal financial information, details of passports, as well as passwords, pins and other connection details, were not compromised, because the data was not even held by the company, confirmed Qantas.
He said that he had started to inform the affected clients of the violation and exhorted them to remain vigilant and to verify independently the identity of the unsolicited appellants.
The company did not say who were the threat actors, or if they tried to deploy ransomware.
However, the incident shares numerous similarities with other attacks recently made by the group known as the Spider dispersion, a piracy group with financial motivation known to have targeted large American companies using social engineering and SIM exchange techniques.
This group has not yet claimed this attack – but in recent weeks, multiple reports have emerged from airlines affected by cyberattacks, Hawaiian airlines have confirmed an attack and Westjet and Globalx having also suffered the same fate recently. The FBI has even published an opinion, warning American companies dispersed spider activities.
At the time of the press, there was no evidence that the stolen data had been released in the wild. However, Qantas said he continues to “actively monitor” the web, with the help of cybersecurity experts.
