1. All Business
  2. Companies
  3. Markets
  4. Wealth
  5. Mining
  6. Energy

Qantas gains ruling over data hack hitting dark web

Farid Farid
AAP
1 Min Read
Updated
Comments
Qantas has sought to limit the spread of personal information of almost 6 million customers on the internet and the dark web after a sizeable data hack.
Qantas has sought to limit the spread of personal information of almost 6 million customers on the internet and the dark web after a sizeable data hack. Credit: Dan Himbrechts/AAP

Qantas has sought to limit the spread of personal information of almost 6 million customers on the internet and the dark web after a sizeable data hack.

The airline says it has obtained an interim injunction “to prevent the stolen data from being accessed, viewed, released, used, transmitted or published by anyone, including by any third parties”.

Meanwhile, law firm Maurice Blackburn said on Friday it has lodged a complaint with the Office of the Australian Information Commissioner (OAIC) on behalf of affected Qantas customers.

Sign up to The Nightly's newsletters.

Get the first look at the digital newspaper, curated daily stories and breaking headlines delivered to your inbox.

Email Us
By continuing you agree to our Terms and Privacy Policy.

Legal experts suggest the incident could lead to a class action against the carrier after compensation claims were made against Optus and Medibank following major data breaches in 2022.

Qantas has emphasised that even though the personal details of 5.7 million customers were compromised via a hack in one of its offshore call centres, no credit card details, personal financial information or passport details have been accessed.

“We want to do all we can to protect our customers’ personal information and believe this ( injunction) was an important next course of action,” the airline said on Thursday.

The names, email addresses and frequent flyer details of four million customers were exposed.

The remaining 1.7 million customers had more data taken, including their names, email addresses, dates of birth, phone numbers, personal or business addresses, gender and meal preferences.

A statement of claim lodged in the NSW Supreme Court on Wednesday identified the defendant as “persons unknown”.

It defined them as any person or entity that carried out or aided in the cyber hack and that “communicated payment details” to the plaintiff Qantas.

The carrier previously said a possible cybercriminal had contacted it about the data breach but it confirmed in the claim that no ransom has been paid.

The airline demanded the defendant also “take all steps to immediately remove all and any of the impacted dataset ... from all accessible internet locations”.

It also included any publication on the “dark web”.

Australian Federal Police investigators are also probing the breach.

Comments

Latest Edition

The Nightly cover for 18-07-2025

Latest Edition

Edition Edition 18 July 202518 July 2025

I had a brief fling with Latham. His downfall isn’t just deserved. It’s long overdue.

Read the Latest EditionAll Editions
Read the Latest EditionAll Editions