Australian flag carrier airline.
On 30 June 2025, Qantas detected unauthorized access to a third-party Salesforce platform used by its Manila call center, achieved through voice-phishing of a call-center operator. Data on about 5.7 million customers was later dumped on 12 October 2025. Exposed data included names, email addresses, dates of birth, frequent-flyer numbers, and for some customers phone numbers and addresses. Credit-card and passport details were not exposed.
ObscureIQ assessment: High risk of travel-themed phishing, loyalty fraud, impersonation, and targeted scams. Frequent-flyer identifiers and support-context records make it easier to convincingly pose as airline staff or exploit high-value travelers.
The name/DOB/email/loyalty combination is well suited to convincing spear-phishing and loyalty-account takeover; addresses and phone numbers for a subset add targeting depth.
Qantas is the flag carrier airline of Australia, operating domestic and international flights and the Frequent Flyer loyalty program.
Airlines and travel brands collect customer identity, contact, support, and loyalty-program data across booking and service systems. In this case, leaked data reportedly included emails, phone numbers, home addresses, frequent-flyer numbers, tier status, and in some cases meal preferences from a third-party customer service platform.
Qantas detected the intrusion on a third-party customer-service platform in late June 2025; the stolen data was posted publicly in October 2025 after failed extortion.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Attribution and method are based on available breach intelligence. Reported attack vector: Credential Theft.
If you believe your information may be included:
On 30 June 2025, Qantas detected unauthorized access to a third-party Salesforce platform used by its Manila call center, achieved through voice-phishing of a call-center operator. Data on about 5.7 million customers was later dumped on 12 October 2025. Exposed data included names, email addresses,…
Verified fields include Email Address, Phone Number, Physical Address.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation