Aviation News – The personal data of more than 5.7 million Qantas customers has been leaked on the dark web after the airline reportedly refused to pay a ransom to a cyber extortion group.
The breach, confirmed on October 11, 2025, was carried out by the hacker collective Scattered Lapsus$ Hunters, which claimed responsibility after its threats last week. The exposed information includes names, email addresses, and frequent flyer numbers. In some cases, more sensitive data such as home addresses, birth dates, and phone numbers were also compromised.
Cyber experts say the attack was part of a growing trend of high-profile data breaches targeting major corporations. The hackers allegedly accessed Qantas’s frequent flyer database before posting the stolen information online when their ransom demands went unmet.
A Qantas spokesperson said the airline is working closely with cybersecurity authorities and regulators to investigate the breach. “We take the protection of our customers’ data extremely seriously and are contacting affected members directly with guidance on next steps,” the spokesperson stated.
The airline is expected to strengthen its cybersecurity measures and review its data protection systems to prevent future breaches. Authorities have urged affected customers to monitor their accounts for suspicious activity and update passwords immediately.
The incident marks one of the largest data leaks in Australia’s aviation history, underscoring the growing threat of cybercrime to global airlines. Experts warn that more robust digital security frameworks and international cooperation will be critical to safeguarding passenger data in the future.
Photo Rob Vogelaar