The attack, which targeted a contact center in Manila, was discovered on Monday, after the airline detected unusual activity on a third-party customer service platform. Qantas now reports that all systems are secure. 

In a statement released on Wednesday morning, Qantas confirmed that the stolen data includes customer names, email addresses, phone numbers, birth dates, and frequent-flier numbers. The airline expects that a “significant” proportion of the 6 million customer records on the platform are compromised. Yet Qantas assured customers that credit card and passport details, as well as passwords, were not accessed. 

Qantas also told the Financial Times that it’s investigating whether the cybercriminal group Scattered Spider is responsible for the attack. The FBI recently warned that the group, which is responsible for hacks of major companies like Marks and Spencer and MGM Resorts, is expanding to target airlines and their third-party IT providers.  

“We are working closely with the federal government’s national cybersecurity coordinator, the Australian Cyber Security Centre, and independent specialized cybersecurity experts,” said Qantas CEO Vanessa Hudson, apologizing to customers for the breach. 

The cyberattack is a setback for both Qantas and Hudson, who took over as the airline’s CEO in late 2023 following the abrupt departure of her predecessor Alan Joyce.  

Joyce resigned after a series of scandals at Qantas, including selling tickets to flights the airline had already canceled. The airline was also criticized for poor reliability, job cuts, and alleged anticompetitive behavior.  

Hudson, No. 54 on Fortune’s Most Powerful Women ranking, has worked hard to restore Qantas’s reputation since taking over as CEO. In May 2024, the Australian Federal Court ordered the airline to pay 100 million Australian dollars ($66 million) in penalties for the “ghost flights” incident, as well as up to 450 Australian dollars ($295) to each of the more than 86,000 affected customers.  

Despite these challenges, Qantas’s business is proving strong as travel recovers after the COVID pandemic. The airline reported $595 million in post-tax profit for the six months ended in December, a 6% year-on-year increase. Hudson has won praise not just for the airline’s financial turnaround, but also for a focus on rebuilding trust with employees, customers, and regulators, a sharp contrast to her predecessor who was accused at a parliamentary committee of prioritizing profits over public goodwill.  

Qantas shares are up by almost 80% over the past 12 months.