Toggle sidebar Toggle sidebar
New Design
  1. Enable New Design

Your personal details are on the dark web—here's what you need to know

Michelle Engbino
By Michelle Engbino
  • Replies 4
News & Politics

Your personal details are on the dark web—here's what you need to know

compressed-sam-carter-I47Ik4KWJIE-unsplash.jpeg Your personal details are on the dark web—here's what you need to know
As investigations unfold, Qantas faces potential fines and lawsuits, while Salesforce grapples with reputational fallout. Image source: Sam Carter / Unsplash.

If you've ever booked a flight with Qantas, there's a fair chance your personal information is now floating around in the darker corners of the internet.



The airline has confirmed that hackers have released the personal details of 5.7 million customers onto the dark web, making this one of the most significant data breaches to hit Australian consumers.



But before you panic, let's break down exactly what happened, what information was taken, and most importantly, what you can do to protect yourself.





How did hackers fool their way into Qantas systems?



The attack wasn't some sophisticated computer hacking you might see in movies. Instead, the cybercriminals used one of the oldest tricks in the book—they simply called up and pretended to be legitimate IT staff. The FBI issued a warning last month about such attacks, noting that hackers often pretend to be from IT departments to trick customer support staff.




The hackers, known as 'Scattered Lapsus$ Hunters,' targeted a Qantas customer contact centre in Manila, Philippines, back in July. They called the IT desk, posed as legitimate employees, and convinced staff to give them access to a computer system run by cloud technology company Salesforce.



The same hacker group is believed to have stolen almost one billion records of customer data globally through this method, targeting around 40 major companies including Qantas, Toyota, Disney, and IKEA.



This type of attack, called 'social engineering,' relies on human psychology rather than technical wizardry. As cybersecurity expert Hunt explained: 'They have been very effective. And it hasn't been using any sophisticated technical exploits... they have exploited really the oldest tricks in the books.'










'You can outsource parts of your business, but you don't outsource the law'

Tony Burke, Home Affairs Minister



The staggering scale of this breach



This wasn't just an attack on Qantas—it was part of a massive global extortion scheme. The same hacker group hit 40 companies in total, including household names like Google, McDonald's, and fellow airlines Air France and KLM.



For Qantas specifically, the hackers made off with over 153 gigabytes of data covering more than five million customer records. When their ransom demands weren't met, they began posting the information on the dark web.



The dark web is a hidden part of the internet that requires special software to access, where criminals often trade stolen information. Once your data appears there, it can be bought and sold by scammers looking to target you with convincing fraud attempts.









What information was actually taken?



The good news is that credit card details, personal financial information, and passport details weren't stored on the compromised system, so they remain safe. [9] Your Qantas frequent flyer account passwords and PINs are also secure.



However, the hackers did get their hands on different combinations of personal information depending on your relationship with Qantas:



For about 4 million customers, the breach was limited to names, email addresses, and Qantas frequent flyer details. Within this group, 2.8 million records also included frequent flyer numbers, with many showing membership tier and some including points balances.









For the remaining 1.7 million customers, records included various combinations of the above information plus addresses (affecting 1.3 million people—a mix of home and business addresses), phone numbers, dates of birth, gender, and even meal preferences.




Data breakdown by numbers


5.7 million total customers affected


4 million had names, emails, and frequent flyer details exposed


1.3 million had home or business addresses stolen


400,000 had gender information taken


153GB of total data leaked to the dark web




Government promises accountability



Home Affairs and Cyber Security Minister Tony Burke has made it clear that Qantas won't escape responsibility just because the breach happened at an outsourced call centre. As Qantas CEO Vanessa Hudson stated: 'We sincerely apologise to our customers and we recognise the uncertainty this will cause. Our customers trust us with their personal information and we take that responsibility seriously.'



Burke's message to companies was blunt: 'You can outsource parts of your business, but you don't outsource the law.' He guaranteed that authorities would use all available laws to hold the airline accountable, regardless of where the actual breach occurred.









Qantas has implemented additional cyber security measures since the incident and remains in constant contact with the National Cyber Security Coordinator, the Australian Cyber Security Centre and the Australian Federal Police.



What scammers might do with your information



The real danger now lies in what criminals might do with this treasure trove of personal information. Burke warned that scammers often use stolen data to make their fraud attempts more convincing.



'There are some people where it's phone numbers, there are some people where it's addresses, and there will be some people where they get a cold call from somebody who sounds like they're from Qantas, who sounds like they're from a company where they've got enough information that you think it's legit,' Burke explained.









This is particularly concerning because Qantas has confirmed they've been contacted by 'somebody purporting to be the criminal actor' responsible for the breach. This suggests active criminal interest in exploiting the stolen information.




Red flags to watch for



  • Unexpected calls claiming to be from Qantas or other companies

  • Requests for passwords, PINs, or login details (Qantas will never ask for these)

  • Callers who know specific details about your travel or personal information

  • Urgent requests to 'verify' or 'update' your account details

  • Offers that seem too good to be true related to flights or rewards




Your action plan to stay safe



The most important advice from cybersecurity experts is refreshingly simple: if you receive an unexpected call, hang up and call back through official channels.



Customers are advised to independently verify the identity of any caller and are reminded that Qantas will never request passwords or sensitive login information. A dedicated 24/7 support line has been established to assist customers with specialist identity protection advice.









Burke emphasised this point: 'What they are trying to do is to get more information from you. And the very simple piece of advice, if you're getting a call you're not expecting, hang up, call back through the official line.'



He also warned that artificial intelligence is making these scams more sophisticated: 'We're used to cyber being something that's done at the technical level, but with the improvements in artificial intelligence, increasingly, you'll hear a friendly voice, sometimes a familiar voice, on the other end of the phone.'



Australia's growing cyber threat problem



This hack comes as Australia faces a string of major cyberattacks that have raised serious concerns about the protection of personal data. The scale potentially matches the 2022 Optus hack that similarly exposed millions of Australians' personal information.









Major Australian ports handling 40 per cent of the country's freight trade ground to a halt in 2023 after hackers infiltrated computers belonging to operator DP World. Even Qantas itself apologised last year after a glitch with its mobile app exposed some passengers' names and travel details.



These incidents highlight how interconnected our digital systems have become, and how one vulnerability can cascade into a crisis affecting millions of people.



Did you know?


Did you know?
Social engineering attacks like the one used against Qantas are responsible for about 85 per cent of successful data breaches, according to cybersecurity research. This is because it's often easier to trick a human than to break through technical security systems.



Legal protections and what happens next



Qantas has obtained a legal injunction through the Supreme Court of New South Wales to prevent the stolen data from being 'accessed, viewed, released, used, transmitted or published.'









However, cybersecurity expert Troy Hunt told AFP that this would do little to prevent the spread of the data: 'It obviously doesn't stop criminals at all anywhere, and it also really doesn't have any effect on people outside of Australia.'



As investigations unfold, Qantas faces potential fines and lawsuits, while Salesforce grapples with reputational fallout. The event serves as a stark reminder that in an era of interconnected tech ecosystems, one vulnerability can cascade into a crisis affecting millions.



The breach has prompted notifications to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and the Australian Federal Police has also been notified given the criminal nature of the incident.











Example Scenario


  1. If you're a Qantas customer affected by this breach, you should have received direct notification from the airline by now. If you haven't heard from them but are concerned, you can call their dedicated support line. The key thing to remember is to stay vigilant for suspicious contacts over the coming months, and never give out personal information to unexpected callers.





Staying one step ahead of the scammers



Burke sent a warning that these types of attacks will only increase: 'These sorts of styles of attack will increase.' But you're not powerless against them.



The golden rule remains simple: be suspicious of unexpected contact, verify independently, and never hand over personal information to someone who calls you out of the blue—no matter how convincing they sound or how much they seem to know about you.



What This Means For You


If you're a Qantas customer and haven't yet heard from the airline about whether you're affected, you can check their website or call their customer service line. Remember, legitimate companies will never ask for passwords or financial details over the phone.



Have you received any suspicious calls since this breach was announced? We'd love to hear about your experiences and any tips you have for staying safe in the comments below.





  • Primary Source


    https://www.9news.com.au/national/qantas-data-breach-salesforce/cc149e0a-3ba5-4235-8c22-1c855e2ade01





  • Qantas Data Breach: Hackers Leak Details of 5.7 Million Customers in Global Salesforce Cyberattack | Central News South Africa

    Cited text: Experts say the hackers used social engineering—a simple but effective trick where they pose as trusted company representatives or IT support to foo...


    Excerpt: The attack wasn't some sophisticated computer hacking you might see in movies. Instead, the cybercriminals used one of the oldest tricks in the book—they simply called up and pretended to be legitimate IT staff.



    https://centralnews.co.za/qantas-da...n-customers-in-global-salesforce-cyberattack/





  • Qantas reveals data of millions leaked online months after breach | Daily Sabah

    Cited text: The FBI last month issued a warning about such attacks targeting Salesforce. The agency said hackers posing as IT workers had tricked customer support...


    Excerpt: The attack wasn't some sophisticated computer hacking you might see in movies. Instead, the cybercriminals used one of the oldest tricks in the book—they simply called up and pretended to be legitimate IT staff.



    https://www.dailysabah.com/business...of-millions-leaked-online-months-after-breach





  • Qantas Data Breach: Hackers Leak Details of 5.7 Million Customers in Global Salesforce Cyberattack | Central News South Africa

    Cited text: Qantas first revealed the incident in July 2025, saying hackers accessed a computer system at one of its customer contact centres run by a third-party...


    Excerpt: The hackers, known as 'Scattered Lapsus$ Hunters,' targeted a Qantas customer contact centre in Manila, Philippines, back in July.



    https://centralnews.co.za/qantas-da...n-customers-in-global-salesforce-cyberattack/





  • Qantas details impact of data breach on 5.7 million customers | Computer Weekly

    Cited text: Qantas has started updating 5.7 million customers whose personal data was compromised during a cyber incident at one of its call centres based in Mani...


    Excerpt: The hackers, known as 'Scattered Lapsus$ Hunters,' targeted a Qantas customer contact centre in Manila, Philippines, back in July.



    https://www.computerweekly.com/news...impact-of-data-breach-on-57-million-customers





  • Qantas Data Breach: Hackers Leak Details of 5.7 Million Customers in Global Salesforce Cyberattack | Central News South Africa

    Cited text: Cybersecurity analyst Hunt explained: “They have been very effective. And it hasn’t been using any sophisticated technical exploits… they have exploit...


    Excerpt: As cybersecurity expert Hunt explained: 'They have been very effective. And it hasn't been using any sophisticated technical exploits... they have exploited really the oldest tricks in the books.'



    https://centralnews.co.za/qantas-da...n-customers-in-global-salesforce-cyberattack/





  • Qantas Data Breach: Hackers Leak Details of 5.7 Million Customers in Global Salesforce Cyberattack | Central News South Africa

    Cited text: The breach is part of a wider extortion scheme targeting dozens of global companies using software from tech firm Salesforce.


    Excerpt: This wasn't just an attack on Qantas—it was part of a massive global extortion scheme.



    https://centralnews.co.za/qantas-da...n-customers-in-global-salesforce-cyberattack/





  • Qantas Data Breach: Hackers Leak Details of 5.7 Million Customers in Global Salesforce Cyberattack | Central News South Africa

    Cited text: Disney, Google, IKEA, Toyota, McDonald’s, and airlines like Air France and KLM have all reported data thefts linked to the same group.


    Excerpt: This wasn't just an attack on Qantas—it was part of a massive global extortion scheme.



    https://centralnews.co.za/qantas-da...n-customers-in-global-salesforce-cyberattack/





  • Qantas Data Breach: Hackers Leak Details of 5.7 Million Customers in Global Salesforce Cyberattack | Central News South Africa

    Cited text: For Qantas, this includes over 153 GB of data covering more than five million records with personal identifiable information like dates of birth and f...


    Excerpt: For Qantas specifically, the hackers made off with over 153 gigabytes of data covering more than five million customer records.



    https://centralnews.co.za/qantas-da...n-customers-in-global-salesforce-cyberattack/





  • Qantas details impact of data breach on 5.7 million customers | Computer Weekly

    Cited text: The investigation confirmed that no credit card details, personal financial information or passport details were stored on the compromised system and,...


    Excerpt: credit card details, personal financial information, and passport details weren't stored on the compromised system, so they remain safe.



    https://www.computerweekly.com/news...impact-of-data-breach-on-57-million-customers





  • Qantas details impact of data breach on 5.7 million customers | Computer Weekly

    Cited text: Similarly, Qantas frequent flyer accounts are not directly affected, with no passwords, PINs or login details being exposed.


    Excerpt: Your Qantas frequent flyer account passwords and PINs are also secure.



    https://www.computerweekly.com/news...impact-of-data-breach-on-57-million-customers





  • Qantas details impact of data breach on 5.7 million customers | Computer Weekly

    Cited text: However, the analysis revealed that for about four million customers, the breach was limited to names, email addresses and Qantas frequent flyer detai...


    Excerpt: For about 4 million customers, the breach was limited to names, email addresses, and Qantas frequent flyer details.



    https://www.computerweekly.com/news...impact-of-data-breach-on-57-million-customers





  • Qantas confirms data breach impacts 5.7 million customers

    Cited text: 2.8 million customer records contained name, email address and Qantas Frequent Flyer number. The majority of these also had tier included.


    Excerpt: For about 4 million customers, the breach was limited to names, email addresses, and Qantas frequent flyer details.



    https://www.bleepingcomputer.com/ne...rms-data-breach-impacts-57-million-customers/





  • Qantas confirms data breach impacts 5.7 million customers

    Cited text: Of the remaining 1.7 million customers, their records included a combination of some of the data fields above and one or more of the following: Addres...


    Excerpt: For the remaining 1.7 million customers, records included various combinations of the above information plus addresses (affecting 1…



    https://www.bleepingcomputer.com/ne...rms-data-breach-impacts-57-million-customers/





  • QANTAS CYBER INCIDENT

    Cited text: Qantas Group Chief Executive Officer Vanessa Hudson said: “We sincerely apologise to our customers and we recognise the uncertainty this will cause. O...


    Excerpt: As Qantas CEO Vanessa Hudson stated: 'We sincerely apologise to our customers and we recognise the uncertainty this will cause.



    https://www.qantasnewsroom.com.au/media-releases/qantas-cyber-incident/





  • Qantas details impact of data breach on 5.7 million customers | Computer Weekly

    Cited text: “From today, we are reaching out to customers to notify them of the specific personal data fields that were held in the compromised system and offer a...


    Excerpt: Qantas has implemented additional cyber security measures since the incident and remains in constant contact with the National Cyber Security Coordinator, the Australian Cyber Security Centre and the Australian Federal Police.



    https://www.computerweekly.com/news...impact-of-data-breach-on-57-million-customers





  • Qantas details impact of data breach on 5.7 million customers | Computer Weekly

    Cited text: In an interview with Australian broadcaster ABC, Hudson said Qantas has been contacted by “somebody purporting to be the criminal actor” responsible f...


    Excerpt: Qantas has confirmed they've been contacted by 'somebody purporting to be the criminal actor' responsible for the breach.



    https://www.computerweekly.com/news...impact-of-data-breach-on-57-million-customers





  • Qantas details impact of data breach on 5.7 million customers | Computer Weekly

    Cited text: Customers are advised to independently verify the identity of any caller and are reminded that Qantas will never request passwords or sensitive login ...


    Excerpt: Customers are advised to independently verify the identity of any caller and are reminded that Qantas will never request passwords or sensitive login information.



    https://www.computerweekly.com/news...impact-of-data-breach-on-57-million-customers





  • Qantas details impact of data breach on 5.7 million customers | Computer Weekly

    Cited text: A dedicated 24/7 support line has been established to assist customers with specialist identity protection advice.


    Excerpt: A dedicated 24/7 support line has been established to assist customers with specialist identity protection advice.



    https://www.computerweekly.com/news...impact-of-data-breach-on-57-million-customers





  • Australian airline Qantas confirms data breach, 5.7 million customers affected

    Cited text: “And it hasn’t been using any sophisticated technical exploits… they have exploited really the oldest tricks in the books.” · The hack of data from Au...


    Excerpt: This hack comes as Australia faces a string of major cyberattacks that have raised serious concerns about the protection of personal data.



    https://punchng.com/australian-airline-qantas-confirms-data-breach-5-7-million-customers-affected/





  • Qantas reveals data of millions leaked online months after breach | Daily Sabah

    Cited text: The hack of data from Australia's biggest airline comes as a string of major cyberattacks in the country has raised concerns about the protection of p...


    Excerpt: This hack comes as Australia faces a string of major cyberattacks that have raised serious concerns about the protection of personal data.



    https://www.dailysabah.com/business...of-millions-leaked-online-months-after-breach





  • Qantas Data Breach: Hackers Leak Details of 5 Million Customers

    Cited text: In a statement, the airline emphasized that no payment information was compromised, echoing sentiments from earlier breaches like the 2022 Optus hack ...


    Excerpt: The scale potentially matches the 2022 Optus hack that similarly exposed millions of Australians' personal information.



    https://www.webpronews.com/qantas-data-breach-hackers-leak-details-of-5-million-customers/





  • Australian airline Qantas confirms data breach, 5.7 million customers affected

    Cited text: Qantas apologised last year after a glitch with its mobile app exposed some passengers’ names and travel details.


    Excerpt: The scale potentially matches the 2022 Optus hack that similarly exposed millions of Australians' personal information.



    https://punchng.com/australian-airline-qantas-confirms-data-breach-5-7-million-customers-affected/





  • Australian airline Qantas confirms data breach, 5.7 million customers affected

    Cited text: And major ports handling 40 per cent of Australia’s freight trade ground to a halt in 2023 after hackers infiltrated computers belonging to operator D...


    Excerpt: Major Australian ports handling 40 per cent of the country's freight trade ground to a halt in 2023 after hackers infiltrated computers belonging to operator DP World.



    https://punchng.com/australian-airline-qantas-confirms-data-breach-5-7-million-customers-affected/





  • Qantas reveals data of millions leaked online months after breach | Daily Sabah

    Cited text: And major ports handling 40 per cent of Australia's freight trade ground to a halt in 2023 after hackers infiltrated computers belonging to operator DP World....


    Excerpt: Major Australian ports handling 40 per cent of the country's freight trade ground to a halt in 2023 after hackers infiltrated computers belonging to operator DP World.



    https://www.dailysabah.com/business...of-millions-leaked-online-months-after-breach





  • Qantas reveals data of millions leaked online months after breach | Daily Sabah

    Cited text: Qantas apologized last year after a glitch with its mobile app exposed some passengers' names and travel details.


    Excerpt: Even Qantas itself apologised last year after a glitch with its mobile app exposed some passengers' names and travel details.



    https://www.dailysabah.com/business...of-millions-leaked-online-months-after-breach





  • Australian airline Qantas confirms data breach, 5.7 million customers affected

    Cited text: It also said it had obtained a legal injunction with the Supreme Court of New South Wales, where the firm is headquartered, to prevent the stolen data...


    Excerpt: Qantas has obtained a legal injunction through the Supreme Court of New South Wales to prevent the stolen data from being 'accessed, viewed, released, used, transmitted or published.'



    https://punchng.com/australian-airline-qantas-confirms-data-breach-5-7-million-customers-affected/





  • Qantas reveals data of millions leaked online months after breach | Daily Sabah

    Cited text: It also said it had obtained a legal injunction with the Supreme Court of New South Wales, where the firm is headquartered, to prevent the stolen data...


    Excerpt: Qantas has obtained a legal injunction through the Supreme Court of New South Wales to prevent the stolen data from being 'accessed, viewed, released, used, transmitted or published.'



    https://www.dailysabah.com/business...of-millions-leaked-online-months-after-breach





  • Australian airline Qantas confirms data breach, 5.7 million customers affected

    Cited text: Cybersecurity expert Troy Hunt told AFP that it would do little to prevent the spread of the data. ... “It obviously doesn’t stop criminals at all any...


    Excerpt: cybersecurity expert Troy Hunt told AFP that this would do little to prevent the spread of the data: 'It obviously doesn't stop criminals at all anywhere, and it also really doesn't have any effect on people outside of Australia.'



    https://punchng.com/australian-airline-qantas-confirms-data-breach-5-7-million-customers-affected/





  • Qantas reveals data of millions leaked online months after breach | Daily Sabah

    Cited text: Cybersecurity expert Troy Hunt told Agence France-Presse (AFP) that would do little to prevent the spread of the data. ... 'It obviously doesn't stop ...


    Excerpt: cybersecurity expert Troy Hunt told AFP that this would do little to prevent the spread of the data: 'It obviously doesn't stop criminals at all anywhere, and it also really doesn't have any effect on people outside of Australia.'



    https://www.dailysabah.com/business...of-millions-leaked-online-months-after-breach





  • Qantas Data Breach: Hackers Leak Details of 5 Million Customers

    Cited text: As investigations unfold, Qantas faces potential fines and lawsuits, while Salesforce grapples with reputational fallout. The event serves as a stark ...


    Excerpt: As investigations unfold, Qantas faces potential fines and lawsuits, while Salesforce grapples with reputational fallout.



    https://www.webpronews.com/qantas-data-breach-hackers-leak-details-of-5-million-customers/





  • QANTAS CYBER INCIDENT

    Cited text: Qantas has notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. Given the criminal nature of this ...


    Excerpt: notifications to the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and the Australian Federal Police has also been notified given the criminal nature of the incident.



    https://www.qantasnewsroom.com.au/media-releases/qantas-cyber-incident/

Seniors Discount Club

The SDC searches for the best deals, discounts, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.
  1. New members
  2. Jokes & fun
  3. Photography
  4. Nostalgia / Yesterday's Australia
  5. Food and Lifestyle
  6. Money Saving Hacks
  7. Offtopic / Everything else
Full Forum Listing

Latest Articles

Last edited:
  • Sad
Reactions: Ann Melling
Click to expand...

Seniors Discount Club

Sponsored content

Info
Loading data . . .
I have not used Qantas for about 3. /4 years now so here’s hoping my records were not amongst the
Active files. All one can do is be vigilant.
 
  • Like
Reactions: Sherril54, PattiB and Jash
Same thing happened a couple of years ago with Medibank. Obviously everybody with Qantas including me just have to be very careful with now even more scammers coming at you. Just be vigilant with who contacts you.
 
  • Like
Reactions: Sherril54 and PattiB
I received a call from Ivory Coast and do know anybody in that country. I just did not answer the call.
 
To Kerrydead2222 .. don’t worry you are not alone I keep getting calls with
Unknown numbers as soon as I see the number registered on my phone I let them ring out.
They do try again but it’s the same procedure just let it ring out. if it’s someone known
to you they will leave a message.
 
You must log in or register to reply here.

Join the conversation

News, deals, games, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.
Register Now Member Login

Seniors Discount Club

The SDC searches for the best deals, discounts, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.
  1. New members
  2. Jokes & fun
  3. Photography
  4. Nostalgia / Yesterday's Australia
  5. Food and Lifestyle
  6. Money Saving Hacks
  7. Offtopic / Everything else
Full Forum Listing

Latest Articles

  • We believe that retirement should be a time to relax and enjoy life, not worry about money. That's why we're here to help our members make the most of their retirement years. If you're over 60 and looking for ways to save money, connect with others, and have a laugh, we’d love to have you aboard.
  • Advertise with us

Main Menu

Home Privacy policy Terms and rules Contact us

User Menu

Login

Enjoyed Reading our Story?

  • Share this forum to your loved ones.
Community platform by XenForo® © 2010-2023 XenForo Ltd. | Style and add-ons by ThemeHouse | Please note that no information we provide constitutes financial advice. The Seniors Discount Club is a free resource, supported by advertising. We're committed to being 100% transparent & honest about where we make money. If you see an asterisk (*) next to one of our links, it means we have a commercial relationship with that business. SDC may receive a commission on purchases made through our Amazon links. | The Seniors Discount Club is not affiliated with any Australian State and Territory governments. If you are are looking for your state or territories official programs, please select one of the following links: NSW VIC SA WA TAS QLD NT ACT | Media embeds via s9e/MediaSites
Top Bottom
Back
Change Weather Postcode×
Change Petrol Postcode×