Qantas cyber incident

We sincerely apologise to all our partners and customers impacted by the recent cyber incident that has occurred.
Last updated: 23 July 2025
Latest News|Published 9 July 2025

We are aware of increased reports of scammers impersonating Qantas.

These scammers are attempting to use the heightened awareness of our situation to entice Qantas customers to click through links or share personal details. This is unfortunately common after incidents like this.

There are also a number of scams affecting several Australian organisations that have been reported on in recent months and were occurring before our incident. Some are cyclical based on time of year. These are unrelated to Qantas.

Our Cyber teams continue to monitor 24/7 to prevent phishing attempts and block fraudulent websites and other communications.

There is still no evidence that any personal data stolen from Qantas has been released, but with the support of specialist cyber security experts, we continue to actively monitor.

If you have a customer who believes they have been targeted by scammers, please advise them to report it immediately to Scamwatch.

Qantas will never contact customers requesting passwords, booking reference details or sensitive login information.

Customers should remain alert for unusual communications claiming to be from Qantas or requesting personal information or passwords.

Customers can continue to access our dedicated support line on 1800 971 541 or +61 2 8028 0534 and have access to specialist identity protection advice and resources through this team.

To help further protect our customers impacted by the recent cyber incident, Qantas has obtained an interim injunction in the NSW Supreme Court.

This prevents the stolen data from being accessed, viewed, released, used, transmitted or published by anyone, including by any third parties.

We want to do all we can to protect our shared customers’ personal information and believe this was an important next course of action.

We would like to reassure customers that there continues to be no evidence that any personal data stolen from Qantas has been released but, with the support of specialist cyber security experts, we continue to actively monitor.

Our focus continues to be on doing all we can to support our affected customers.

Once again, we sincerely apologise to all of our customers that this occurred.

What happened

On Monday 30 June 2025, we detected unusual activity on a third-party platform used by a Qantas airline contact centre. We immediately contained the system and can confirm Qantas systems remain secure.

We are continuing to investigate the proportion of data that has been stolen. Our initial investigations show the compromised data includes some names, email addresses, phone numbers, date of birth and frequent flyer numbers.

Data that was compromised

Qantas has progressed its forensic analysis of the customer data in the system that was compromised.

There is no evidence that any personal data stolen from Qantas has been released, but with the support of specialist cyber security experts, we continue to actively monitor.

Qantas has reconfirmed no credit card details, personal financial information or passport details were stored in this system and therefore have not been accessed.

There continues to be no impact to Qantas Frequent Flyer accounts. Passwords, PINs and log in details were not accessed or compromised. The data that was compromised is not enough to gain access to these Frequent Flyer accounts.

Specific data fields vary from customer to customer. Our analysis has found:

The majority of customer records that were compromised are limited to:

Some customer records include a combination of the ones above, and one or more of the following:

We can confirm outside of some residential and business addresses, including hotels for baggage services, there are a number of these fields that are invalid.

Not all are full addresses, some are postcode only, and some are a number of years old, for example. However, we have decided to notify everyone that had a potential address field populated in an effort to be transparent as possible.

Customer records are based on unique email addresses, and customers with multiple email addresses may have multiple accounts.

How we're communicating with customers

Qantas is emailing affected customers aged 15 and above for whom we hold an email address to advise them of the types of their personal data that was contained in the impacted system and provide advice and support. Customers are advised to check their junk/spam folder.

To provide our Qantas Frequent Flyers with further visibility, they will be able to view the types of their data that were held on the compromised system once they are logged into their account. We expect this capability will be available from later this week.

Supporting our customers

For further information, refer to our dedicated support line on 1800 971 541 or +61 2 8028 0534, including specialist identity protection advice, or visit our webpage.

Your customers' travel plans

If customers have upcoming travel, there is nothing they need to do. There is no impact to Qantas operations or the safety of the airline. Customers can check their flight details at any time via the Qantas App or via our website.

Actions we are taking:

Additional advice

We recommend that customers take the following general precautionary steps and remain vigilant to any misuse of their personal information:

Customers who believe they have been targeted by scammers should report it to Scamwatch.