Qantas Company Cyber Security Posture
qantas.comWe would like to acknowledge the Traditional Custodians of the local lands and waterways on which we live, work and fly. We pay our respects to Elders past and present. ย Spirit is everything to us, and joining the Qantas team means bringing your spirit to ours. We have over 26,000 exceptional employees, and every year we fly millions of customers around Australia and the world โ together.ย ย If you hop on board with the team, you'll experience a workplace where creativity, diversity and innovation are encouraged. We aim to give every member of the Qantas Group the support to follow their dreams, face new challenges, and let their future take flight. Ultimately, people are our priority โ those who work for us and those who travel with us.ย Member of the oneworld Alliance. Please read the Qantas LinkedIn House Rules at http://bit.ly/QFhouserules
Qantas Company Details
qantas
16861 employees
547735.0
481
Airlines and Aviation
qantas.com
Scan still pending
QAN_1344183
In-progress
Qantas Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
Qantas Global Score.png)
Qantas Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
Qantas Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Qantas | Breach | 85 | 4 | 7/2025 | QAN609070225 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Australian airline Qantas suffered a cyber incident where hackers breached a contact center containing 6 million customer records. The data stolen includes customer names, emails, phone numbers, frequent flyer numbers, and birth dates. The airline confirmed that financial information and passport details were not compromised. The attack, which appears to be contained, has raised concerns in the airline industry about cyberattacks. | |||||||
| Qantas Airways | Cyber Attack | 85 | 4 | 7/2025 | QAN612070225 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Qantas Airways, Australiaโs flagship carrier, experienced a significant cybersecurity breach affecting up to 6 million customers. Cybercriminals gained unauthorized access to a third-party customer service platform used by the airlineโs contact centre operations. The compromised data includes names, emails, phone numbers, birth dates, and frequent flyer numbers, but no financial data. The airline has contained the system, notified authorities, and implemented additional security measures. A dedicated support hotline has been established, and flight operations remain unaffected. | |||||||
| Qantas | Breach | 85 | 4 | 7/2025 | QAN535071025 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: The Qantas incident exposed the details of up to 5.7 million customers, leading to a rise in sophisticated hybrid scams that combine digital theft and physical-world exploitation. Victims are manipulated into sharing one-time passcodes, resulting in significant financial losses. Banks often refuse reimbursement, citing a breach of terms, and law enforcement is reluctant to investigate, leaving victims with little recourse. | |||||||
Qantas Company Subsidiaries
We would like to acknowledge the Traditional Custodians of the local lands and waterways on which we live, work and fly. We pay our respects to Elders past and present. ย Spirit is everything to us, and joining the Qantas team means bringing your spirit to ours. We have over 26,000 exceptional employees, and every year we fly millions of customers around Australia and the world โ together.ย ย If you hop on board with the team, you'll experience a workplace where creativity, diversity and innovation are encouraged. We aim to give every member of the Qantas Group the support to follow their dreams, face new challenges, and let their future take flight. Ultimately, people are our priority โ those who work for us and those who travel with us.ย Member of the oneworld Alliance. Please read the Qantas LinkedIn House Rules at http://bit.ly/QFhouserules
Access Data Using Our API
Get company history
Rapid.png)
Qantas Cyber Security News
Why the Qantas hack should send chills around corporate Australia
The lesson here isn't that the airline failed โ it's that most Australian companies don't yet have the visibility or capability to avoid theย ...
Qantas attack reveals one phone call is all it takes to crack cybersecurityโs weakest link: humans
Other sectors also at risk from attacks, including healthcare, finance and telecommunications, expert warns.
Qantas says cyberattack affected 5.7 million customers
The incident follows a notorious hacker gang's pivot to targeting transportation companies with its trademark social-engineering attacks.
Qantas confirms personal data of over a million customers leaked in breach
Australia's Qantas Airways said on Wednesday more than a million customers had their phone number, birth date or home address accessed inย ...
Qantas cyberattack: learnings for brokers
The data of 5.7 million customers was compromised but there was no evidence any stolen information was "released"
Qantas data breach exposes up to six million customer profiles
The airline was hit by a cyber attack on a platform storing names, email addresses and phone numbers.
The Qantas Cyber Attack: A Wake-Up Call for Cybersecurity in Critical Industries
The 2024 cyberattack on Qantas Airways, which exposed the personal data of 6 million customers, has become a defining moment in theย ...
How can we stay safe after data breaches? Step 1 is to change the cybersecurity laws
How can we stay safe after data breaches? Step 1 is to change the cybersecurity laws. Published: July 9, 2025 10:20pm EDT.
Australian Airline Qantas Confirms Contact With Possible Hackers
Last week, Australian airline Qantas reported a data breach that saw the personal information of up to six million customers put in jeopardy.
Qantas Similar Companies
Iberia
Iberia is Spainโs number-one airline group and the leader in the Europe-Latin America market, with the single greatest array of destinations and flight frequencies. Together with British Airways, weโre part of the IAG Group, with the third-highest receipts in Europe and sixth worldwide.. Iberia is a
Aerolineas Argentinas
Aerolโโ neas Argentinas es la compaโยฑโโ a lโโ der en el mercado aerocomercial argentino y referente en la regiโโฅn desde 1950. Su flota de 84 aviones alcanza 38 destinos en Argentina y otros 22 a nivel regional e internacional. Con la reciente incorporaciโโฅn de 2 aeronaves de cargas, la compaโยฑโโ a expan
American Airlines
Embark on an adventure with a commitment to service, excellence and humanity. Our team is what powers our airline. We are proudly dedicated to our purpose of caring for people on lifeโs journey, including connecting our customers to the people and places they love or providing our team members devel
GOL Linhas Aรฉreas
Somos a maior Companhia Aรฉrea do Paรญs e estamos entre as que mais crescem no mundo. A nossa histรณria comeรงou em 2001 e, desde entรฃo, somos responsรกveis por inovar o mercado da aviaรงรฃo no Brasil. Tudo isso graรงas ร dedicaรงรฃo do nosso Time para garantir o nosso Valor nรบmero 1, a Seguranรงa, entregand
Servisair
Servisair is a leading global provider of aviation ground services delivering an integrated range of handling solutions across 128 locations. We form part of the Derichebourg Group, which also has divisions in Corporate and Environmental Services, collectively employing 47,000 staff throughout 30
Malaysia Airports
Our Vision A Global Airport Group That Champions Connectivity and Sustainability Our Brand Promise Hosting Joyful Connections About Malaysia Airports Malaysia Airports manages and operates 39 airports in Malaysia and one international airport in Istanbul, Turkey. The 39 airports in Malays
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Qantas CyberSecurity History Information
How many cyber incidents has Qantas faced?
Total Incidents: According to Rankiteo, Qantas has faced 3 incidents in the past.
What types of cybersecurity incidents have occurred at Qantas?
Incident Types: The types of cybersecurity incidents that have occurred incidents Breach and Cyber Attack.
What was the total financial impact of these incidents on Qantas?
Total Financial Loss: The total financial loss from these incidents is estimated to be $6 thousand.
How does Qantas detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through law enforcement notified with Yes, but rarely pursued and incident response plan activated with Yes and third party assistance with Yes and law enforcement notified with Yes and containment measures with System contained, additional security measures implemented and communication strategy with Dedicated support hotline established and enhanced monitoring with Yes and law enforcement notified with Australian Cyber Security Centre, Australian Federal Police, Office of the Australian Information Commissioner and communication strategy with Email notifications, Support line for customers.
Incident Details
Can you provide details on each incident?
Incident : Fraud
Title: Convergence Scam Targeting Bank Customers
Description: Scammers are using stolen personal data to mimic bank calls and trick victims into sharing one-time passcodes, leading to financial loss.
Type: Fraud
Attack Vector: Social Engineering
Vulnerability Exploited: Personal Data Leaks
Threat Actor: Cyber Criminals
Motivation: Financial Gain
Incident : Data Breach
Title: Qantas Airways Cybersecurity Breach
Description: A significant cybersecurity breach affecting up to 6 million customers, with cybercriminals gaining unauthorized access to a third-party customer service platform used by the airlineโs contact centre operations.
Date Detected: Monday
Type: Data Breach
Attack Vector: Third-party customer service platform
Threat Actor: Cybercriminals
Motivation: Data Theft
Incident : Data Breach
Title: Qantas Data Breach
Description: Qantas warned customers that a cyber incident exposed customer data, including names, emails, phone numbers, frequent flyer numbers, and birth dates.
Date Detected: 2024-07-15
Date Publicly Disclosed: 2024-07-17
Type: Data Breach
Attack Vector: Phishing
Threat Actor: Scattered Spider
Motivation: Data Theft
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Stolen personal data, Third-party customer service platform and Third-party customer servicing platform.
Impact of the Incidents
What was the impact of each incident?
Incident : Fraud QAN535071025
Financial Loss: A$6,000 (example case)
Data Compromised: Personal data, credit card details
Customer Complaints: Significant
Brand Reputation Impact: High
Identity Theft Risk: High
Payment Information Risk: High
Incident : Data Breach QAN612070225
Data Compromised: Names, Email addresses, Phone numbers, Birth dates, Frequent flyer numbers
Systems Affected: Third-party customer service platform
Incident : Data Breach QAN609070225
Data Compromised: Customer names, Emails, Phone numbers, Frequent flyer numbers, Birth dates
Systems Affected: Third-party customer servicing platform
What is the average financial loss per incident?
Average Financial Loss: The average financial loss per incident is $2.00 thousand.
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, phone numbers, emails, card details, Names, Email addresses, Phone numbers, Birth dates, Frequent flyer numbers and Personally Identifiable Information.
Which entities were affected by each incident?
Incident : Fraud QAN535071025
Entity Type: Company
Industry: Aviation
Location: Australia
Size: Large
Customers Affected: Up to 5.7 million
Incident : Data Breach QAN612070225
Entity Type: Airline
Industry: Aviation
Location: Australia
Customers Affected: 6 million
Incident : Data Breach QAN609070225
Entity Type: Airline
Industry: Aviation
Location: Australia
Customers Affected: 6 million
Response to the Incidents
What measures were taken in response to each incident?
Incident : Fraud QAN535071025
Law Enforcement Notified: Yes, but rarely pursued
Incident : Data Breach QAN612070225
Incident Response Plan Activated: Yes
Third Party Assistance: Yes
Law Enforcement Notified: Yes
Containment Measures: System contained, additional security measures implemented
Communication Strategy: Dedicated support hotline established
Enhanced Monitoring: Yes
Incident : Data Breach QAN609070225
Law Enforcement Notified: Australian Cyber Security Centre, Australian Federal Police, Office of the Australian Information Commissioner
Communication Strategy: Email notifications, Support line for customers
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes.
How does the company involve third-party assistance in incident response?
Third-Party Assistance: The company involves third-party assistance in incident response through Yes.
Data Breach Information
What type of data was compromised in each breach?
Incident : Fraud QAN535071025
Type of Data Compromised: Names, phone numbers, emails, card details
Number of Records Exposed: Up to 5.7 million
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes
Incident : Data Breach QAN612070225
Type of Data Compromised: Names, Email addresses, Phone numbers, Birth dates, Frequent flyer numbers
Number of Records Exposed: 6 million
Sensitivity of Data: High
Data Exfiltration: Possible
Personally Identifiable Information: Yes
Incident : Data Breach QAN609070225
Type of Data Compromised: Personally Identifiable Information
Number of Records Exposed: Significant portion of 6 million
Sensitivity of Data: Medium
Personally Identifiable Information: Customer names, Emails, Phone numbers, Frequent flyer numbers, Birth dates
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through were System contained and additional security measures implemented.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident?
Incident : Data Breach QAN612070225
Regulations Violated: Potential Privacy Act violations
Regulatory Notifications: Australian Cyber Security Centre (ACSC), Office of the Australian Information Commissioner (OAIC), Australian Federal Police (AFP)
Incident : Data Breach QAN609070225
Regulatory Notifications: Australian Cyber Security Centre, Australian Federal Police, Office of the Australian Information Commissioner
Lessons Learned and Recommendations
What lessons were learned from each incident?
Incident : Fraud QAN535071025
Lessons Learned: Need for stronger identity verification systems, transparency and regulation of data brokers, active enforcement of cyber-enabled fraud, and proactive education.
What recommendations were made to prevent future incidents?
Incident : Fraud QAN535071025
Recommendations: Never share one-time passcodes over the phone, Hang up and call the bank directly if in doubt, Be cautious about sharing personal information online, Banks should reassess policies on customer communication, Redesign verification processes to prevent harm
What are the key lessons learned from past incidents?
Key Lessons Learned: The key lessons learned from past incidents are Need for stronger identity verification systems, transparency and regulation of data brokers, active enforcement of cyber-enabled fraud, and proactive education.
What recommendations has the company implemented to improve cybersecurity?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Never share one-time passcodes over the phone, Hang up and call the bank directly if in doubt, Be cautious about sharing personal information online, Banks should reassess policies on customer communication, Redesign verification processes to prevent harm.
References
Where can I find more information about each incident?
Incident : Fraud QAN535071025
Source: Article on convergence scams
Incident : Data Breach QAN609070225
Source: FBI
Incident : Data Breach QAN609070225
Source: Mandiant
Incident : Data Breach QAN609070225
Source: Palo Alto Networks
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Article on convergence scams, and Source: FBI, and Source: Mandiant, and Source: Palo Alto Networks.
Investigation Status
What is the current status of the investigation for each incident?
Incident : Fraud QAN535071025
Investigation Status: Ongoing
Incident : Data Breach QAN612070225
Investigation Status: Ongoing
Incident : Data Breach QAN609070225
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through were Dedicated support hotline established, Email notifications and Support line for customers.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident?
Incident : Data Breach QAN609070225
Customer Advisories: Email notifications, Support line for customers
What advisories does the company provide to stakeholders and customers following an incident?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Email notifications and Support line for customers.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Fraud QAN535071025
Entry Point: Stolen personal data
High Value Targets: Bank customers
Data Sold on Dark Web: Bank customers
Incident : Data Breach QAN612070225
Entry Point: Third-party customer service platform
Incident : Data Breach QAN609070225
Entry Point: Third-party customer servicing platform
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Fraud QAN535071025
Root Causes: Stolen personal data, weak enforcement, outdated verification systems
Corrective Actions: Stronger identity verification, regulation of data brokers, active enforcement
What is the company's process for conducting post-incident analysis?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Yes, Yes.
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Stronger identity verification, regulation of data brokers, active enforcement.
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident were an Cyber Criminals, Cybercriminals and Scattered Spider.
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on Monday.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-07-17.
Impact of the Incidents
What was the highest financial loss from an incident?
Highest Financial Loss: The highest financial loss from an incident was A$6,000 (example case).
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were Personal data, credit card details, Names, Email addresses, Phone numbers, Birth dates, Frequent flyer numbers, Customer names, Emails, Phone numbers, Frequent flyer numbers and Birth dates.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was Third-party customer service platform and Third-party customer servicing platform.
Response to the Incidents
What third-party assistance was involved in the most recent incident?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Yes.
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were System contained and additional security measures implemented.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal data, credit card details, Names, Email addresses, Phone numbers, Birth dates, Frequent flyer numbers, Customer names, Emails, Phone numbers, Frequent flyer numbers and Birth dates.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 17.7M.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Need for stronger identity verification systems, transparency and regulation of data brokers, active enforcement of cyber-enabled fraud, and proactive education.
What was the most significant recommendation implemented to improve cybersecurity?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Never share one-time passcodes over the phone, Hang up and call the bank directly if in doubt, Be cautious about sharing personal information online, Banks should reassess policies on customer communication, Redesign verification processes to prevent harm.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident are Article on convergence scams, FBI, Mandiant and Palo Alto Networks.
Investigation Status
What is the current status of the most recent investigation?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued?
Most Recent Customer Advisory: The most recent customer advisory issued was were an Email notifications and Support line for customers.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Third-party customer service platform, Stolen personal data and Third-party customer servicing platform.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
