Australian airline Qantas confirmed on Wednesday that a cyberattack had compromised the personal information of millions of its customers. The exposed data includes full names, email addresses, phone numbers, birth dates, and frequent flyer numbers.
In a statement, the company said the breach occurred on Monday, targeting one of its call centers. The hacker gained access to a customer service platform operated by a third-party provider, which held records of approximately six million passengers.
While the investigation is still ongoing, Qantas warned that the scale of the data breach is “likely to be significant.” However, the airline assured that no financial information—such as credit card details, passports, or other sensitive credentials—was exposed. Frequent flyer accounts were not compromised, and security credentials remain secure.
The airline, Australia’s largest, emphasized that the incident does not affect flight operations or passenger safety.
“We sincerely apologize to our customers and acknowledge the uncertainty this may cause,” said Qantas CEO Vanessa Hudson in the statement.