Hackers claimed that they have leaked the personal data of over 5 million Qantas customers on the dark web, sparking fear and concerns among airline customers across Australia.
The airline is among over 40 global companies affected by the cyberattack,allegedly compromising over one billion customer records.
The hackers group Scattered Lapsus$ Hunters had earlier demanded ransom to prevent the data leak from a Salesforce database in June.
The leaked personal data includes phone numbers, birth dates, email addresses, and usual flyer numbers; however, no financial or passport details.
Cybersecurity expert Jeremy Kirk stated that the group is well-recognised and operates across different countries, including the US, UK, and Australia, exploiting how companies connect internal systems.
Others affected companies include Disney, Toyota, Gap, Ikea, and Adidas,
Qantas said that its priority remains “continued vigilance and support for customers,” providing a 24/7 helpline and identity protection services.
However, Salesforce refused that its platform was breached, stating that it would not negotiate or pay extortion demands.
The stolen data, obtained between April 2024 and September 2025, also includes employee information.
Experts cautioned that leaked data could be used for identity theft or phishing scams, warning alerts to users for suspicious activity.
