Information for customers on cyber incident

On Monday 30 June 2025, we detected unusual activity on a third-party platform used by a Qantas airline contact centre. We then took immediate steps and contained the incident. We can confirm Qantas systems remain secure.

We will email you directly if you had personal information within the impacted system.  

It will advise on the types of your personal data that was contained in the impacted system and provide advice and support. 

This email is sent to customers aged 15 and above for whom we hold an email address. Customers who do not receive this email should check their spam or junk folder.  

Our customer records are based on unique email addresses, so if you have multiple email addresses registered with Qantas, you may receive a separate notification to each impacted email address.

Qantas Frequent Flyers will be able to access this information via a dedicated self-service tool once they are logged into their account. This is expected to be available by the end of this week.

We recommend that customers take the following general precautionary steps and remain vigilant to any misuse of their personal information: 

• Remain alert, especially through email, text messages or telephone calls, particularly where the sender or caller purports to be from Qantas. Always independently verify the identity of the caller by contacting them on a number available through official channels; 
• Where available, use two-step authentication, such as an authentication application, for personal email accounts and other online accounts. This adds an extra layer of protection; 
• Stay informed of the latest scams and the steps you can take to protect yourself online by visiting Scamwatch and Cyber.gov.au;
• Visit IDCARE's Learning Centre and the Office of the Australian Information Commissioner website for further information and resources on protecting personal information; and 
• Do not provide your online account passwords or any personal or financial information. Qantas will never contact customers requesting passwords, booking reference details or sensitive login information. 

Customers who believe they have been targeted by scammers should report it to Scamwatch.

There is no evidence that any personal data stolen from Qantas has been released, but with the support of specialist cyber security experts, we continue to actively monitor.

We have increased resourcing in our contact centres and established a dedicated customer support line on 1800 971 541 or +61 2 8028 0534. This is available 24/7.

Our customers have access to specialist identity protection advice and resources through this team. 

The latest updates will be shared with customers on this page.

As Qantas works through its incident response, it has determined that there are a number of address fields that were held in the system that was compromised. 

We can confirm outside of some residential and business addresses, including hotels for baggage services, there are a number of these fields that are invalid. 

Not all are full addresses, some are postcode only, and some are a number of years old, for example. However, we have decided to notify everyone that had a potential address field populated in an effort to be transparent as possible.

Additional security measures have been put in place to further restrict access and strengthen system monitoring and detection. This includes additional security measures for Qantas Frequent Flyer accounts to further protect these from unauthorised access, including requiring additional identification for account changes.  

We are working closely with the Federal Government’s National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts. We have also notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. Given the criminal nature of this incident, the Australian Federal Police has also been notified. We will continue to support these agencies as the investigation continues.

If you have upcoming travel, you can check your flight details through the Qantas App or website as normal.

There is nothing to indicate that points were stolen in connection with this incident.

We will continue to share future updates to this dedicated page.

You can also contact our dedicated support line on 1800 971 541 or +61 2 8028 0534 if you have specific concerns or questions.

We are working closely with the Federal Government’s National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts. We have also notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. Given the criminal nature of this incident, the Australian Federal Police has also been notified. We will continue to support these agencies as the investigation continues.

We took immediate steps and contained the system, and Qantas systems remain secure.

Frequent Flyers can continue to engage in the program and with partners as normal.  

Frequent Flyer passwords, PINs and log in details were not accessed or compromised, but customers can update these details at any time.  

The information accessed in the incident is not enough to gain access to Frequent Flyer accounts.   

In addition, all Frequent Flyer accounts by default have multi-factor authentication or two-factor authentication already enabled.  This could be a one-time password being sent to the registered mobile number or email, answering security questions or through the Authenticator App.  

There is no requirement to reset your password or PIN.

Qantas Frequent Flyer passwords, PINs and log in details were not accessed or compromised in the incident, but customers can update these details at any time.

All Frequent Flyer accounts by default have multi-factor authentication (MFA) or two-factor authentication (2FA) already enabled.

This could be a one-time password (OTP) being sent to the registered mobile number or email, or answering security questions or the Authenticator app.

For added account security, we recommend customers use an authenticator app as an additional MFA/2FA option, and follow the account security guidelines found here.

Emails from Qantas will always come from a domain that ends in qantas.com. For example, an email from @loyalty.qantas.com is legitimate, as it ends in .qantas.com.

It is important you check the email address that the email has been sent from, not the display name. The display name can be made to look legitimate when it is not, which is why it is important to check the address the email has been sent from.

Emails from domains that do not end in qantas.com or qantas.com.au should be reported. (i.e qantas.net or qantas.biz)

If you do receive any suspicious emails, text messages or calls from someone purporting to be Qantas, you can report this via our Dedicated Support Line on 1800 971 541 or +61 2 8028 0534.

You can also report scams at Scamwatch or contact your local authorities if you're outside Australia.

For additional advice, please visit Act Now. Stay Secure.

If you wish to update your profile, including contact details, you can do so online via the following steps:

1. Log in to Qantas Frequent Flyer at qantas.com
2. Click on Profile, then My Profile, then Personal Information
3. You can then change your information, including contact details, PIN, and security questions, as well as set up a digital authentication app.