Millions of Qantas customer details posted on dark web by hackers

The details of millions of Qantas customers have been posted on the dark web by hackers, following through on previous threats made by the group last week.  

On October 11, 2025, cyber extortionists Scattered Lapsus$ Hunters confirmed on social media the details of Qantas frequent flyers had been “leaked” after a ransom was not paid. 

The hack involved the data of 5.7 million Qantas customers including names, email addresses, and frequent flyer numbers, but for some it also included addresses, date of birth and phone numbers. 

Qantas was one of several companies, including Disney, Vietnam Airlines, Ikea and McDonald’s, that were targeted in the breach. The hackers targeted Salesforce for information. 

On July 2, 2025, Qantas announced that an individual or individuals with possible criminal intent targeted a call center and gained access to a third-party customer servicing platform.   

The airline said that on July 1, 2025, it “detected unusual activity on a third-party platform used by a Qantas airline contact center” and immediately initiated counter cyber-attack measures to contain the system.   

On social media, Scattered Lapsus$ Hunters told authorities to “change your laws, change your policies, change something, we will endlessly attack you till you eventually rewrite your own rules”. 

The Australian government held its position that it will not negotiate with hackers or pay ransoms.  

In a statement to The Guardian, Salesforce said: “We are aware of recent extortion attempts by threat actors, which we have investigated in partnership with external experts and authorities. Our findings indicate these attempts relate to past or unsubstantiated incidents, and we remain engaged with affected customers to provide support.”

RELATED

6M Qantas customers targeted by fraudsters days after FBI warns airlines

The post Millions of Qantas customer details posted on dark web by hackers appeared first on AeroTime.

Go to Source