Qantas Airways has confirmed that following a significant cyber attack earlier this year, customer data has been published online by cyber criminals. Qantas explained that the breach in July resulted in personal information for more than a million airline passengers being disclosed; thus it became one of Australia’s largest data security breaches in recent memory.

At the time of the breach, Qantas had indicated that sensitive information had been accessed such as phone numbers, birth dates and home addresses. Furthermore, four million customers had their names and email addresses taken, although importantly not more sensitive personal identified information.

One of Australia’s Largest Cyber Breaches

The July cyberattack became one of Australia's most publicly notable data breaches since 2022, when telecommunications company Optus and health insurer Medibank suffered major cyberattacks, igniting a national conversation on data security and creating new laws to bolster cyber resilience and better protect consumer data.

This most recent Qantas case, is another reminder of the increasing sophistication of global cyber threats, as well as the challenges large organizations face in being able to protect user data.

Attack Linked to Hacking Group

On Sunday, Qantas revealed that the cybercriminals had started posting sections of the hacked data. The airline said they were “one of a number of companies globally that has had data released by cybercriminals following the airline’s cyber incident in early July, in which customer data was exfilitrated through a third-party platform.”

The hacking group, known as Scattered Lapsus$ Hunters, is purportedly responsible for the data leak. According to The Guardian Australia, the release occurred after the ransom window imposed by the group had passed, suggesting Qantas did not comply with any dictated demands. The airline did not offer a comment on that report.

Active Investigation and Legal Proceedings

Qantas reported it is collaborating with cyber security experts to determine the specific types of data that were compromised as well as the scope of that compromise. The airline noted it has also received a court order prohibiting anyone from accessing, viewing, or sharing the hacked data.

“We have an active order preventing the stolen data from being accessed, viewed, released, used, transmitted or published or procured by anyone including third parties,” Qantas said in an official statement.

Global Cybersecurity Issues on the Rise

This incident reflects the increase in cyberattacks on high-profile businesses. Hackers are increasingly taking advantage of third-party platforms and vulnerabilities in supply chains, which means businesses with robust internal security practices are at greater risk of being compromised.

For Australian consumers, the Qantas incident adds to the already growing feeling of vulnerability and the need for a more robust approach to data protection within all industries. While investigations continue, the airline has recommended its affected customers monitor suspicious activity and will provide updates as needed when more details are available.