Overview

• After a ransom deadline lapsed, the hackers published the cache on both the dark web and publicly accessible sites.
• Qantas reports about 5.7 million customers are affected, with names, emails, phone numbers, birthdates, addresses, gender, meal preferences and frequent‑flyer numbers exposed, but not credit‑card, financial or passport data.
• The airline obtained an injunction from the New South Wales Supreme Court barring access and publication of the leak and says flight operations and safety were unaffected as it works with security authorities.
• Qantas says the intrusion began via a third‑party platform, and media identify Salesforce as the vendor involved in a July campaign that targeted roughly 40 companies worldwide.
• Security experts, including Troy Hunt, say their own addresses appear in the dump and urge affected customers to be alert to targeted phishing attempts.