Qantas Confirms Hacker Contacts Over Data of 6 Million Customers

Qantas has confirmed that a cybercriminal claiming to hold the personal data of up to six million customers has made contact with the airline following a breach at one of its Filipino call centres. The compromised information includes names, dates of birth, emails, phone numbers, and frequent flyer numbers, though sensitive financial or passport data were not stored at the affected centre. Qantas has engaged the Australian Federal Police and is working with cybersecurity experts to monitor the situation and strengthen its systems, while no ransom demands have been disclosed. This incident is part of a broader trend of cyberattacks on major Australian organizations, including Optus, Medibank, and the superannuation sector, often exploiting social engineering techniques such as vishing to bypass security measures. Experts warn that attackers increasingly use AI-enabled voice cloning to enhance their social engineering attacks, which target human vulnerabilities rather than software weaknesses. Qantas CEO Vanessa Hudson has apologized to affected customers and emphasized the airline's commitment to transparency and security improvements.