Panda SecurityYes, it does. Although there is no exact number of how many U.S. citizens are affected, the number is likely enormous. Every year, Australia welcomes more than half a million tourists from the USA, and Qantas is one of the major airlines operating flights from numerous major U.S. cities, including Los Angeles, San Francisco, New York, and Dallas. The breach occurred in July 2025, and although the FBI reported some successes in dealing with the hacker organization that claimed responsibility, the stolen information belonging to Qantas was subsequently leaked on the dark web. Qantas has begun notifying the affected travelers, which includes U.S. persons, about the cybersecurity breach that affected nearly six million customers worldwide.
Key takeaways
- U.S. travelers are among the victims of the Qantas hack from July 2025
- The details of 5.7 million Qantas customers have been leaked online
- The leaked information consists predominantly of names, addresses, DOBs, and phone numbers.
- The number of affected Americans is unknown, but it is likely in the thousands
- Qantas has begun informing affected customers, but does not offer free identity theft monitoring services to the victims
When did Qantas experience the hack, and who is responsible for the attack?
Earlier this year, hackers belonging to a cybercriminal collective known as Scattered Lapsus$ Hunters deployed social engineering tactics to gain unauthorized access to the Salesforce environments of numerous high-profile companies, including the Australian airline Qantas. The incident occurred in the summer of 2025 and resulted in the theft of over 5 million travelers’ personal records, which included sensitive information.
Has the stolen information been leaked on the dark web?
Although global law enforcement agencies, including the FBI, managed to disrupt the operations of the Scattered Lapsus$ Hunters cyber gang, records of approximately 5.7 million travelers have been exposed. After the initial confirmation of the Salesforce-related cyber incidents, multiple law enforcement agencies collaborated. They worked together to shut down the website of the crime gang that claimed responsibility for the attack. Law enforcement also took down a dark web forum used by the gang members.
What info was leaked in the Qantas cyber incident?
The hackers managed to obtain sensitive information, including names, email addresses, physical addresses, date of birth details, and phone numbers. The stolen data does not contain Social Security Numbers (SSN) or passport information of U.S. citizens.
How many U.S. citizens have been affected by the Qantas hack?
The number of U.S. citizens affected by the data breach is unknown. However, Australia receives more than half a million tourists every year. So the number of affected travelers is likely in the thousands.
How to know if a person is included in the Qantas data breach?
Qantas customers whose details have been leaked are now receiving emails from Qantas with more information about the breach. The airline has begun notifying its affected customers. Qantas advises its customers to remain alert and always use two-step authentication when possible.
The Australian airline is not alone. The company is just one of many organizations globally that have been affected by the social engineering attacks on Salesforce customers. The same hacker organization used the same tactic on other high-profile organizations, including Cisco, Allianz Life, and Coca-Cola. Scattered Lapsus$ Hunters claims to have more than one billion personally identifiable records. With the increasing number of cyber incidents, the likelihood of personal information being exposed is substantial, and having antivirus protection on all connected devices has never been more critical than it is now.
