Close Menu
    sta
    Thursday, July 17
    Qantas Frequent Flyer

    Updated: Qantas Cyber Incident Exposes Customer Data

    The records of 6 million customers were leaked during a cyber attack
    MarkBy No Comments4 Mins Read
    Qantas A330
    Qantas A330 (Image; Qantas)

    While Qantas first told us of a Cyber Incident on Wednesday, they provided an update on Friday. While there was not a lot of new information, they did provide some updates on the progress. In particular, they should be able to provide more specific information next week.

    Next week, we will be in a position to update impacted customers on the types of their personal data that was contained in the system.

    This will confirm specific data fields for each individual, which will vary from customer to customer.

    Previous

    On Wednesday Qantas announced that about 6 million Qantas Frequent Flyers had their personal data compromised. According to a statement on their website, hackers gained this information through an attack on a contact centre.

    The initial information was that Qantas detected unusual activity on Monday 30 June. Their initial response to this was to contain the incident. They have confirmed that the incident resulted in a cyber criminal gaining access to a customer servicing platform.

    On Wednesday, Qantas began informing Qantas Frequent Flyers of the situation. The first email was a general email to all Qantas Frequent Flyers that the incident had occurred. Later, Wednesday evening, a follow up email was sent to those that Qantas believe to have been affected.

    What happened?

    On Monday 30 June 2025, Qantas detected unusual activity on a third-party platform used by a Qantas airline contact centre. Steps were then taken to contain the incident.

    What data was leaked?

    According to the emails that Qantas have sent, the following information may have been compromised:

    • Names
    • Email addresses
    • Phone numbers
    • Dates of birth
    • Frequent Flyer numbers

    While the data does not include credit cards numbers, financial information or passport numbers, there is still a lot that a scammer could do with what has been leaked.

    How has Qantas responded?

    According to the initial statements, Qantas has notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. In addition, due to the criminal nature of the breach, the Australian Federal Police are also involved.

    Qantas have also sent emails to customers that it believes have been affected.

    What can you do?

    Keep in mind that your Qantas Frequent Flyer number is a key to your points. Together with the combination of data taken could be used to open the door even further.

    For now, Qantas recommend the following:

    • Remain alert for unusual communications claiming to be from Qantas
    • Being cautious of emails or calls asking for personal information or passwords

    Qantas has set up a dedicated page on its website to keep customers updated. It would be worth staying across the information on this page. In addition, affected customers have been given access to support lines.

    Beyond the specific suggestions of Qantas, there are a few more things that you should consider:

    1. Set up 2FA. If you have not already done so on your account. The purpose of this is to send a code to your phone (via SMS) or email when somebody (hopefully you) tries to log into your Qantas Frequent Flyer account.
    2. Monitor your account: Keep an eye on your account for any unusual activity. Also pay attention to any messages you get about unusual login attempts – especially if you have not tried to access your account at that point.
    3. Be Wary of Scams and Phishing: Be vigilant if you get any unexpected call, SMS, or email, especially if it references Qantas. For example, you might get a call from somebody pretending to be from Qantas requesting passwords etc. Alternatively, you could get emails leading to a fake Qantas website. Be skeptical of emails from Qantas offering money, travel credits or points as compensation for the data breach.
    4. Stay Informed: Keep an eye out for any further communications from Qantas about the breach. Qantas has been providing updates on its website with information on the cyber-attack. In addition, dedicated support is available around the clock on 1800 971 541 or +61 2 8028 0534.

    Final Words

    While the breach is limited to personal data, it does expose affected customers to risk. Unfortunately, some of this data is difficult to change. If Passport or credit card information is stolen, while annoying, they can be changed. It is a bit more difficult to change your name and date of birth.

    It is important to keep in mind that the stolen information is often used to identify people. As such, this information could be used well beyond Qantas.

    As always, you will need to stay vigilant, and be skeptical of any unsolicited contact.

     

    Subscribe to our mailing list and we'll send you our latest updates
    * indicates required
    Share.

    Mark, the founder of Fly Stay Points, caught the travel bug early in life. During his travels, he eventually came to stumble upon loyalty programs, He first discovered the world of airline frequent flyer programs, and later hotel loyalty programs. He is always plotting his next adventure - and this includes working out how to leverage the loyalty programs. It is a constantly evolving world. Promotional opportunities come and go. Airlines come and go. New hotels open, old hotels change brands, and on it goes. FlyStayPoints was started as a way to try to keep on top of all this. Keep track of promotions. Understand the changes in the marketplace.

    Related Posts