On 30 June 2025, Qantas detected unusual activity within a third-party contact center platform, triggering a swift cybersecurity response. By the next day, they confirmed a cyberattack—which has since evolved into a major data breach affecting up to 6 million customers.

As an IT Managed Service Provider, we empathise with Qantas and commend their transparency. This incident is a powerful reminder: cyber threats can affect any business—no matter its size, industry, or reputation.

Let’s break down what happened and the lessons your business can learn.

What Happened?

Qantas confirmed that attackers gained access via a third-party platform used by a contact center. The stolen customer data includes:

• Full names

• Email addresses

• Phone numbers

• Frequent Flyer numbers (including tier/points status)

• Dates of birth

• Residential or business addresses

• Gender and meal preferences

What wasn’t compromised:
No credit card details, passwords, passport numbers, or login credentials were accessed.

Qantas responded quickly, engaging the Australian Federal Police and cybersecurity experts to investigate and contain the threat.

Who’s Behind the Attack?

Experts suspect Scattered Spider; a cybercrime group linked to previous attacks on:

• Marks & Spencer (M&S)

• Co-op

• WestJet

• Hawaiian Airlines

This group is known for social engineering tactics—tricking support agents into resetting passwords or disabling MFA. It’s a powerful reminder that not all breaches start with a hack—some start with a phone call.

Why This Should Worry Every Business

This isn’t just an airline problem. A breach like this can cause:

• Loss of customer trust

• Regulatory investigations

• Business disruptions

• Legal and financial penalties

If you use third-party vendors, help desks, or cloud platforms—you're exposed to similar risks.

3 Key Lessons from the Qantas Breach

1. Third-Party Risk Is Your Risk

The attack originated from an external platform. Your cybersecurity is only as strong as your weakest vendor.

✅ Ask vendors for cybersecurity certifications
✅ Include them in your incident response planning
✅ Ensure they follow strict access control policies

2. Social Engineering Is a Real Threat

These attackers bypass firewalls by manipulating people, not systems.

✅ Run regular phishing simulations
✅ Train staff to spot impersonation attempts
✅ Enforce multi-factor verification for account changes

3. Resilience Is Just as Important as Security

Qantas contained the breach quickly—which likely reduced the impact.

✅ Do you have a tested incident response plan?
✅ Are your backups secure and recoverable?
✅ Could you act within hours, not days?

🛡️ How to Strengthen Your Cyber Defences Today

Take these steps now to reduce your risk:

✔️ Audit your digital footprint
Know what data you hold, where it lives, and who can access it.

✔️ Review vendor policies
Ensure your partners follow strong cybersecurity practices.

✔️ Run a breach simulation
Test your team’s response under pressure.

✔️ Train your employees
Human error is still the #1 cause of data breaches.

Final Thought: It Could Happen to You

This isn’t just about Qantas. It’s a wake-up call for all businesses.

Cybercriminals are getting smarter, and increasingly, they're targeting small and mid-sized businesses—assuming they have weaker defences.

How Rachis Can Help

At Rachis, we go beyond installing software—we build real cyber resilience for businesses like yours.

Our services include:

🔒 Managed Detection & Response (MDR)
💻 Endpoint Protection
📚 Staff Security Awareness Training
🤝 Vendor Risk Management
💾 Backup & Disaster Recovery Planning

✅ Is Your Business Cyber-Resilient?

Now’s the time to find out—before someone else does.

📩 Contact us today to schedule a Cyber Risk Assessment.