An Australian airline data breach has exposed the personal information of 5.7 million Qantas customers after hackers targeted a third-party software system earlier this year. The stolen data has now been leaked online as part of a global cyberattack affecting multiple major firms.
According to reports, Disney, Google, Ikea, Toyota, McDonald’s, Air France, and KLM were also impacted by the same breach, which targeted software giant Salesforce. The company recently confirmed that it was “aware of extortion attempts by threat actors” following the incident.
The Australian carrier said hackers gained access to sensitive information through a customer contact platform managed by Salesforce. Exposed data includes customer names, email addresses, phone numbers, dates of birth, and frequent flyer details.
While most of the leaked data involved basic contact and loyalty details, some records also contained addresses, gender, and meal preferences. However, Qantas clarified that no credit card, passport, or financial data was compromised.
In response to the Australian airline data breach, the company secured a legal injunction from the Supreme Court of New South Wales to restrict access to the stolen information. Cybersecurity expert Troy Hunt told AFP the move would have “little real-world impact,” noting that it cannot stop criminals from sharing the data internationally.
Qantas said it continues to cooperate with Australian security agencies and assured customers that no further breaches have occurred since the July cyberattack.