Qantas has confirmed a cyber incident involving a third-party customer service platform hosted in a data centre in the Philippines, which exposed customer data while leaving flights and core systems unaffected. The breach, detected and contained on June 30, has now been neutralised, but customers are urged to stay vigilant to protect their personal information.
What data was stolen?
Qantas reports that the breached system held records for around 6 million customers. The information accessed includes:
- Names
- Email addresses
- Phone numbers
- Dates of birth
- Frequent Flyer numbers
Importantly, Qantas states that no credit card details, bank details, passport numbers, passwords, or PINs were accessed.
What does this mean for you?
While your Frequent Flyer account remains secure, your personal details can be valuable to scammers seeking to impersonate Qantas or other organisations to trick you into handing over sensitive information.
Experts warn that cybercriminals may use the stolen data to:
✅ Attempt phishing scams using accurate personal details
✅ Try password resets on other services linked to your email
✅ Target your Frequent Flyer account for unauthorised access
✅ Sell your data on the dark web
What should you do now?
1️⃣ Be cautious with emails and calls.
If you receive emails claiming to be from Qantas, do not click on links. Go directly to the official Qantas website or app to check your bookings and updates.
2️⃣ Change your passwords.
While login details were not stolen, it’s wise to change your Frequent Flyer password and enable two-factor authentication where possible.
3️⃣ Monitor your accounts.
Keep an eye on your Frequent Flyer points and your linked payment methods for suspicious activity.
4️⃣ Stay informed.
Qantas is contacting affected customers directly and updating information on its dedicated incident page. You can also contact their 24/7 support line at 1800 971 541 (+61 2 8028 0534) for identity protection advice.
Is your travel affected?
No. Qantas has confirmed that flights and bookings remain unaffected. You can continue to manage your bookings via the app or website.
What you should do in Vanuatu
- Monitor your inbox and messages
Stay alert for suspicious emails or SMS claiming to be from Qantas or authorities. Avoid clicking links—visit Qantas directly if in doubt. - Update your Qantas Frequent Flyer password
Enhance protection by enabling two-factor authentication (2FA) if available. - Watch your Frequent Flyer points and accounts
Check for unusual activity. If anything looks off, report it immediately. - Report suspicious identity requests
In case of scams, contact Qantas support or local law enforcement. Even without passport data, scammers may try using other info they’ve obtained.
Bottom line for Vanuatu travelers
- No extra risk exists just because you’re in Vanuatu.
- If you didn’t interact with the Manila call centre, your data likely wasn’t involved.
- That said, everyone in Qantas’ system should remain vigilant—especially with their personal information now circulating among cybercriminals.
Final thoughts
In a year where data breaches have become all too common, this incident reminds us of the importance of proactive digital hygiene. Changing passwords regularly, enabling two-factor authentication, and being vigilant against phishing remain your best defences.
If you are a Qantas customer, take action now to secure your digital life while Qantas continues its investigation. Stay calm, stay alert, and stay informed.
Sources:
- https://www.qantas.com/au/en/support/information-for-customers-on-cyber-incident.html
- https://www.abc.net.au/news/2025-07-03/what-to-do-if-your-data-is-stolen-in-qantas-breach/105487196
- https://www.news.com.au/travel/travel-updates/incidents/cyber-security-expert-says-qantas-data-breach-could-have-devastating-consequences/news-story/3a224669bfb4dc43b10dbb66c372c334?utm_source=chatgpt.com
Mattdotvu 
Leave a comment