Hackers retaliate against Australian airline by publishing customer data on dark web

Australia’s largest airline Qantas, has confirmed that personal data belonging to its customers, stolen during a major cyberattack in the summer of 2025, has been published on the dark web.

The company announced that the data leak occurred after it refused to pay a ransom demanded by the hacker group responsible for the breach, Caliber.Az reports, citing 9News.

The Scattered Lapsus$ Hunters hacker group released a trove of sensitive customer information, including names, dates of birth, email addresses, and frequent flyer loyalty card numbers. The leak also exposed the personal details of prominent Australian politicians and public figures, such as home addresses and phone numbers, raising serious concerns about privacy and potential threats to their safety.

Initial investigations suggest that the cyberattack targeted a Qantas call centre in the Philippines, where hackers were able to access and extract customer data.

Despite the breach, Qantas emphasised that there was no evidence of unauthorised access to credit card or passport details, assuring customers that financial and travel document data remained secure.

In a public statement, the airline said: “With the help of cybersecurity experts, we are investigating what data was published and taking additional security measures.” Qantas also confirmed that it is working closely with government agencies and the Australian Federal Police to identify the extent of the leak and strengthen its cybersecurity infrastructure to prevent future attacks.

The breach affecting Qantas is part of a much larger international cyber incident involving at least 40 major global companies, including Toyota, Disney, and IKEA. The widespread attack allegedly stole nearly 1 billion customer records from the cloud technology company Salesforce in July 2025, which the affected companies use.

The hackers reportedly attempted to extort Salesforce, threatening “massive consequences” if the company refused to comply with their ransom demands. Salesforce, however, took a firm stance against the extortion attempt, declaring that it “refused to engage, negotiate with, or pay any extortion demand.”

By Nazrin Sadigova