Airline Hack Exposes Details Of 5.7M Flyers Including What Some Of Them Ate

Australian airline company, Qantas, has revealed that it suffered a sophisticated cyberattack that affected over 5.7 million of its customers' data. In an update on the incident, the company revealed that of the 5.7 million unique customer records, 4 million contained information related to names, email addresses, and Qantas flyer details.

For the remaining 1.7 million customers, their records contained a mix of some the data fields mentioned above, and other compromised information. This included the addresses of 1.3 million (residential, business and even hotels addresses). The date of birth of 1.1 million, the gender of 400,000 (different from names or salutations), the phone numbers of 900,000 (mobile, landline, and/or business), and the meal choices of 10,000 customers.

In response to the incident, the company has revealed that it has made it a priority to inform customers of the nature of the breach and has also implemented additional security measures to further safeguard customer data.


The company also reiterates its assurance that no credit card, financial, or passport details were stored in the system and therefore, have not been compromised. It further confirmed that personal login information, such as passwords, PINs, and other login details, were not part of the breach.

Some reports indicate that the attacks can be traced to Scattered Spider, a ransomware gang notorious for deploying social engineering tactics to encrypt and exfiltrate companies' data. A few weeks ago, we reported some details about their mode of operation. Qantas has advised its customers to take basic security precautions, urging them to carefully safeguard personal or financial information.