top of page
ACM_Logo_Lg.png

Follow our Blog

Catch all the latest news in cybersecurity, endpoint security, malware and anti-virus threats by signing up for our Blog.

When you sign up we will send you an email notification to alert you to a new post so you won't miss a thing.

Never Miss a New Blog - Subscribe Here:

Why the recent Qantas Airways data breach means we all need to be extra careful about SMS & Email scams

  • Writer: Jason Riley
    Jason Riley
  • Oct 23
  • 4 min read

Many of you may have seen reports that Qantas recently had a data breach, confirmed by the airline itself, in which personal data for around six million customers was exposed when a third-party contact-centre system was accessed by cyber criminals.


That kind of incident may sound like something for the big boys, but it has real-life consequences for all of us — particularly when it comes to scams via text messages (SMS) and email. Here’s what it means and what you can do to stay safe.


What exactly happened?


qantas data breach victims contacted

The breach was discovered around 30 June 2025 when Qantas noticed unusual

activity in a system used by one of its contact centres. The airline immediately launched an investigation and discovered information had been exposed to hackers. That information includes names, email addresses, phone numbers, dates of birth and frequent-flyer numbers for around 6 million customers. Thankfully, no credit-card details, passport numbers or login passwords appear to have been included in the data breach.


In a series of statements, Qantas reported it had contained the system, was working with cybersecurity agencies, and would notify affected customers as they were identified in the investigation.


Why the Qantas Data Breach means we should expect more SMS & email scams


When personal details like your name, phone number, and perhaps your frequent-flyer number or date of birth are exposed, scammers can use that info to make their messages personalised and much more convincing. Here’s how:


  • A scammer might send you an SMS that appears to come from Qantas (or claims to) and uses your name or frequent-flyer status to get your attention.


  • They may send an email saying “we need to verify your account because of the breach,” and ask you to click a link or call a number. Because you know about the breach, you may be more likely to trust the message.


  • Scammers might combine phone number + email + name so they can call and then “confirm” the information by asking for personal details. That gives them a much better chance of succeeding.


In short, the breach gives fraudsters the “hook” they need to be more convincing — because you’ve already been told your data might be affected.


So yes, we should expect a spike in scam attempts right now, especially targeted ones that look more personal and convincing than the old “generic lottery” or “you’ve won” scams.


Examples of scam emails (click to expand)


What you can do (especially if you’re a senior or helping someone who is)


Here’s a simple checklist to help keep your data and peace of mind safe:


  1. Be extra-sceptical of unexpected messages. If you get an email or SMS saying “Qantas here, we need your details” — be very careful.


  2. Don’t click links or call phone numbers in the message unless you are absolutely sure it’s genuine. A better way to go is to head to the official website yourself or call the official number you already know.


  3. Never give out personal information such as your date of birth, frequent-flyer number, login and password, or bank / credit-card details in response to an unsolicited request. Not ever!


  4. Monitor your accounts and phone calls. If you see strange activity (calls you didn’t expect, login-attempts, odd emails) act quickly and contact the relevant bank, telco or other service provider.


  5. Use official sources. If you’re unsure, check the airline’s website. Qantas has setup a dedicated page about the incident and you can access it by clicking here.


  6. Help your family or friends. If you know someone older or less comfortable with tech, talk to them about this. Perhaps show them examples of what a scam message might look like, and agree on a plan for how to handle any potential messages before responding.


  7. Keep login details separate and strong. Change passwords occasionally, and use different ones for different services. This practice will help insulate your accounts if one is compromised.


  8. Report suspicious messages. If you receive something you believe is a scam, report it to the government’s Australian Cyber Security Centre reporting service or ScamWatch and then delete the message.


Why this matters for you


As we age, we may accumulate more memberships, loyalty programs, subscriptions, email addresses, phone numbers etc. and that makes our “digital footprint” bigger. The more data there is, the more opportunities scammers have to find something to use.


qantas data breach worst case scenario

A data breach like this shows that it’s not just banks we need to watch out for. Airlines, phone companies, healthcare insurance providers and loyalty programs can have a data breach, and we all need to be aware. Many have already had a data breach.


In Summary


The Qantas data breach is a reminder that our personal information — names, phone numbers, email addresses — is valuable and that scammers are always adapting. But by staying alert, not rushing into replies, verifying from official sources and supporting our friends and family, we can reduce the risk that we’ll become a victim of a scam.


Stay safe, stay alert — and when in doubt, stop and check.



Comments

bottom of page