Qantas Airways, Australia’s national airline, has confirmed a cyber incident impacting up to six million customers, marking the latest high-profile breach in the aviation sector.
The attack, disclosed on July 2, 2025, involved a third-party customer service system linked to one of Qantas’s outsourced call centres. Compromised information reportedly includes names, email addresses, birthdates, phone numbers, and Frequent Flyer IDs. The company has reassured customers that no passwords or financial information were accessed.
Suspected Group: Scattered Spider
Security analysts suggest the breach shows signs of Scattered Spider, a cybercriminal group known for advanced social engineering and ransomware campaigns. This group, believed to operate from the US, UK, and Canada, allegedly exploited vulnerabilities in a call centre located in Manila to gain entry.
According to analysts, Scattered Spider frequently targets customer service and CRM platforms by deceiving employees into surrendering credentials. The group’s recent activity includes attacks against airlines and telecom providers across North America, with an FBI alert issued just days prior to the Qantas breach.
Third-Party Exposure and Systemic Risk
The incident underscores a critical vulnerability in the aviation sector—its reliance on a network of external vendors. The International Civil Aviation Organization previously reported that nearly two-thirds of airports experienced cyber incidents in 2021, with third-party platforms commonly exploited as entry points.
Australia’s cybersecurity minister, Tony Burke, pointed to the growing challenge of enforcing updated privacy laws, such as the amended Australian Privacy Principle 11, amid such complex vendor ecosystems.
Qantas’s Reaction and Customer Support
Qantas detected irregular activity on June 30 and acted quickly to contain the breach. Independent security firms were brought in to assist. Notifications were sent to regulatory bodies such as the Australian Cyber Security Centre, the Office of the Australian Information Commissioner, and federal law enforcement agencies.
CEO Vanessa Hudson publicly apologized, assuring that flight operations and core infrastructure were not impacted. However, experts caution that customers may now be vulnerable to phishing scams impersonating Qantas. The airline has set up a dedicated hotline to assist affected individuals. Its stock dipped by 2.2% following the announcement.
Wider Consequences for Airlines and Airports
The Qantas breach serves as a warning for the entire air transport industry. Airlines and airport authorities face mounting pressure to bolster digital defenses as attackers increasingly target backend systems and passenger data. Beyond reputational damage, such breaches can lead to regulatory penalties, reduced customer trust, and potential disruptions to operations if critical systems are affected.
Airports, which often depend on a multitude of digital services and third-party integrations, must now revisit their cyber resilience strategies, particularly in light of growing state-sponsored and financially motivated threats.
RELIANOID’s Approach to Active Prevention
At RELIANOID, we recognize the scale and sophistication of threats facing critical infrastructure like aviation. That’s why our solutions are designed with a Zero Trust architecture and multi-layered defense-in-depth approach. We enforce strict compliance with international security frameworks, including ISO 27001 and NIST guidelines.
Our enterprise-grade ADC and proxy solutions incorporate strong mTLS encryption, real-time behavioral monitoring, and advanced anomaly detection, ensuring minimal exposure to third-party risks. We regularly test and audit our systems to meet the latest cybersecurity compliance requirements, and we work closely with clients to implement custom hardening policies and 24/7 monitoring protocols.
Sector-Wide Call for Vigilance
Commenting on the growing threat, Jordan Avnaim, CISO at Entrust, stated: “Social engineering attacks are evolving fast, driven by deepfake technologies, AI-based impersonation, and exploitation of supply chains. Aviation is an attractive target for its scale, data value, and operational sensitivity.”
He added that countering these threats requires more than basic perimeter defenses. Organizations need continuous employee training, secure identity verification mechanisms, and board-level commitment to cybersecurity investments.
As Qantas continues to assess the damage, this breach is a stark reminder of the aviation industry’s digital fragility—and the urgent need for robust, proactive cybersecurity strategies across the sector.
RELIANOID’s Experience in the Aviation Sector
With proven experience in the aviation industry, RELIANOID currently supports secure, high-performance load balancing and traffic management for more than 15 airports across the United States and collaborates with multiple airlines globally. Our technology ensures seamless digital operations for both internal systems and customer-facing platforms. One example is a U.S. international airport that uses RELIANOID to manage high-volume passenger check-in and baggage tracking systems — enabling real-time redundancy, encrypted data flow, and uninterrupted service during peak travel periods or system failovers.
Check our Use Cases for this industry and feel free to contact us if you need any help or further information.
Related Blogs
