On June 30, 2025, Qantas Airways experienced a significant cyberattack that compromised their personal data. It is believed that the hacker targeted a call centre and gained access to a third-party customer service platform containing six million names, email addresses, phone numbers, birth dates and frequent flyer numbers however at this time, Quanta’s advice is that it did not contain credit card details, financial information or passport details.

Although the airline has not confirmed whether a ransom was demanded, a suspected cybercriminal has made contact with Qantas. The Australian Federal Police, along with cybersecurity experts, are currently investigating the incident.

Key Takeaways for Corporate Clients

Third-Party Vendor Risks: The breach underscores the vulnerabilities associated with third-party vendors. It’s crucial to assess and monitor the cybersecurity measures of all external partners.
Data Sensitivity Awareness: Even without financial data being compromised, the exposure of personal information can lead to phishing and social engineering attacks. Organisations should educate employees about these risks.
Incident Response Preparedness: Having a robust incident response plan can mitigate the impact of breaches. Regularly updating and testing this plan ensures readiness.
Regulatory Compliance: Data breaches can lead to regulatory scrutiny. Ensuring compliance with data protection laws and having clear communication strategies is essential.

Recommendations for Enhancing Cybersecurity

Conduct Regular Security Audits: Evaluate both internal systems and third-party vendors for potential vulnerabilities.
Implement Multi-Factor Authentication (MFA): Enhance access controls to sensitive data.
Employee Training: Regularly train staff to recognise and respond to phishing attempts and other cyber threats.
Review and Update Policies: Ensure data protection and incident response policies are current and effective.
Engage Cyber Insurance: Consider cyber insurance to provide financial protection against potential breaches.

The Qantas cyberattack serves as a stark reminder of the evolving cyber threats facing organisations today. By proactively assessing risks, enhancing security measures, and fostering a culture of cybersecurity awareness, businesses can better protect themselves and their stakeholders.

For further guidance on strengthening your organisation’s cybersecurity posture or exploring cyber insurance options, please contact our team.

Trusted by

HOW WE CAN HELP YOU

Ensure you have the RIGHT protection

Insurance can be complicated, but we love it! Working with you, we’ll assess your needs and match the best Insurance solution for a practical outcome.

Claims Team

With our in-house claims advocacy team, we are with you every step of the way.

Save you money

In one meeting we saved a new client’s premium by over 1/3! We’ll show you how to make Insurance work for you.

Complete Support Service

You can contact us anytime day or night.

Knowledge brings Options

We translate the details so you understand your options

Sign up for our newsletter

Warren Saunders Insurance Brokers ABN 77 044 195 121
Warren Saunders Insurance Brokers is an authorised representative of Warren Saunders Insurance Brokers (Aust) Pty Ltd AFSL 240939

Trusted by

Glen Hickey

General Manager, Wakehurst Golf Club Limited

Mike Roberts

Partner, Vardanega Roberts Solicitors

Frank Price

CEO, Royal Freemasons' Benevolent Institution

Antonio Ledonne

Managing Director

Warren Saunders Insurance Brokers have acted as brokers for St George Leagues Club for over 40 years and during that time has assisted during times of need. The service and advice provided by the Management and Staff of Warren Saunders Insurance Brokers has always been first class.

Craig Epton

Chief Executive Officer