Cyber

Maurice Blackburn Launches Legal Action for Qantas Data Breach Victims

Maurice Blackburn has filed a representative complaint with the Office of the Australian Information Commissioner (OAIC) against Qantas, alleging a breach of the Privacy Act 1988 (Cth), following a major data breach. The cyber attack, which occurred at Qantas’s Manila call centre, compromised the personal information of 5.7 million customers

Matthew Giannelis
Matthew Giannelis

National law firm Maurice Blackburn has lodged a representative complaint against Qantas, seeking compensation on behalf of millions of customers whose personal data was compromised in the airline’s recent cyber attack.

On Monday 30 June 2025, Qantas detected unusual activity on a third-party platform used by a Qantas airline contact centre.

An initial review confirmed the stolen data includes customer names, email addresses, phone numbers, dates of birth and frequent flyer numbers.

No credit card details, personal financial information or passport details were stored on the compromised system and therefore were not accessed.

Maurice Blackburn principal lawyer Elizabeth O’Shea said the official complaint was lodged late yesterday with the OAIC, the authority charged with taking action over breaches of the Privacy Act.

“While we await a response and potential action from the OAIC in relation to Qantas failing to adequately protect the personal information of its customers, we would encourage Qantas customers who were impacted by the breach to register with us to receive updates about the representative complaint and compensation which may be sought on your behalf,” she said.

“It is early days in what we are learning about the mass data breach, but if you’re one of the millions of people that have had your personal information compromised, you’re eligible to register with us and we will keep you informed as the matter progresses.”

It comes as Qantas obtained an interim injunction in the NSW Supreme Court to try and stop the publication of the stolen data.

“We want to do all we can to protect our customers’ personal information and believe this was an important next course of action,” Qantas said in a statement.

There is no evidence that any personal data stolen from Qantas has been released, but Qantas said it was actively monitoring the situation with the support of cyber security experts.

The injunction means that in the event cyber criminals do post details on the dark web, others won’t be able to repost or publish the details.

Of the remaining 1.7 million, about 1.3 million had residential and business addresses, 1.1 million had date of birth, 900,000 had phone numbers, 400,000 their gender, and 10,000 their meal preferences impacted.

ByMatthew Giannelis
Follow:
Secondary editor and executive officer at Tech Business News. An IT support engineer for 20 years he's also an advocate for cyber security and anti-spam laws.
Previous Article Australian SME Financing Tech 2025 How Australian SMEs Can Leverage Alternative Financing to Fuel Tech Adoption in 2025
Next Article ESET Announces Winner of the Australia 2025 Women in Cybersecurity Scholarship ESET Names 2025 Australian Women In Cybersecurity Scholarship Winner
Leave a Comment

Leave a Reply

Qantas obtains court order to prevent third-party access to stolen data

Tech Articles

Why is APAC losing the war on digital fraud

Why APAC is Losing Ground In The Fight Against Digital Fraud

Why APAC is losing the war on digital fraud is…

The Growing Crisis of Space junk and Debris

Space Junk Is Becoming One of the Biggest Threats to Modern Spaceflight

More than 33,000 tracked objects now orbit Earth at speeds…

The Decay of guest blogging posts

The Decay of Guest Blogging. It Got Cheap, Automated, and Spammy.

Guest blogging once helped publishers showcase real expertise and build…

Recent News