Hackers tied to a group that identifies as "Scattered Lapsus$ Hunters" have officially published Qantas customer data on the dark web after a ransom deadline finally passed. This breach, which was tied to the third-party Salesforce environment which was originally compromised in mid-2025, exposed the personal details of millions of different customers, including both Australian and non-Australian nationals. This included names, email addresses, phone numbers, dates of birth and even frequent-flyer numbers.

Qantas has indicated that there was no payment data released, and that the hackers were not able to gain access to individual passport records. Estimates range from 5-5.7 million affected individuals, all part of a broader multi-company haul the group believes totaled up to 1 billion.

See Full Page