Qantas Airways confirmed that customer data stolen in a July cyberattack was published by the hacker collective Scattered Lapsus$ Hunters after a ransom deadline passed, per Guardian Australia.
The breach, one of Australia’s largest in years, exposed sensitive details like phone numbers, birth dates, and addresses for over one million customers, with names and emails of four million others compromised
Qantas stated, “We’re investigating the data release with cybersecurity experts.” An injunction prevents further access or distribution of the stolen data. The breach, via a third-party platform, follows high-profile Australian cyberattacks on Optus and Medibank in 2022, prompting stricter cyber resilience laws.
Qantas says customer data released by cyber criminals months after cyber breach https://t.co/1LDfU2RXfw https://t.co/1LDfU2RXfw
— Reuters (@Reuters) October 12, 2025The incident mirrors recent cyberattacks. Britain’s Jaguar Land Rover (JLR) faced a six-week shutdown, costing £50 million weekly, restarting production on October 8 with a £1.5 billion government loan guarantee. A ransomware attack on European airports disrupted check-in services. These highlight growing global cyber vulnerabilities.
The Qantas breach underscores the rising threat to businesses, risking customer trust and financial stability. Australia’s cyber laws aim to bolster defences, but the sophistication of hackers challenges progress.
