Qantas breach affects 5.7 million customers; hacker group dumps data online
Hackers hit Qantas in June 2024, stealing data from up to 5.7 million customers by breaching a third-party Salesforce platform.
Info like names, addresses, emails, phone numbers, and Frequent Flyer numbers was exposed—though no financial or passport details were taken.
The hacker group Scattered LAPSUS$ Hunters demanded payment by October 10, 2024; when Qantas didn't pay, the hackers dumped the stolen data online on October 11, 2024.
What is the airline doing now?
Qantas quickly secured its systems and alerted Australian authorities after discovering the breach.
Impacted users got email notifications and will be able to check if their info was leaked through their accounts once the feature is available.
To help protect everyone's Frequent Flyer accounts, Qantas now asks for extra ID checks before making changes and is keeping a closer eye on suspicious activity.
Customers are being urged to stay alert for scams or weird account activity as investigations continue with cybersecurity experts and government agencies involved.