Airlines around the world are on high alert after Qantas was the latest victim of a cyberattack. Names, email addresses, dates of birth and Frequent Flyer were exposed in the incident, potentially affecting up to six million customers. Fortunately Qantas said in an email to members, “no credit card details, personal financial information and passport details are held in the system that was accessed. No Frequent Flyer accounts, passwords, PIN numbers or log in details have been compromised.”
Qantas said it detected “unusual activity on a third-party platform used by a Qantas airline contact centre” and that was on Monday. Qantas said the incident was contained and the company systems remain secure.
Only a few days before the US Federal Bureau of Investigation (FBI) warned that it had recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector. Scattered Spider is a hacking group of teens and young adults believed to be from the US and UK. The group uses social engineering techniques to convince employees or contractors to divulge passwords or authentication codes. Given their command of English, they can be very convincing. Now, there’s no confirmation Scatter Spider was responsible for the Qantas hack but it’s a very similar pattern.
ALERT—The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector. These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.… pic.twitter.com/gowmbsAbBY
— FBI (@FBI) June 27, 2025
The FBI stated; “They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk. Once inside, Scattered Spider actors steal sensitive data for extortion and often deploy ransomware. The FBI is actively working with aviation and industry partners to address this activity and assist victims. Early reporting allows the FBI to engage promptly, share intelligence across the industry, and prevent further compromise. If you suspect your organization has been targeted, please contact your local FBI office.”
Qantas has issued a “sincere apology” and although the “incident” occured on a third-party platform, the buck stops with our national airline. I am one of six million customers, a pretty loyal one at that, who will need to be extra vigilant over the coming months as cybercriminals try to leverage the data they’ve stolen.
If you are concerned by what’s happened, Qantas has set up a dedicated support line on 1800 971 541 or +61 2 8028 0534.
