Shockingly, Qantas and 39 Other Giants Face Data Ransom Threat - What’s Next?
In an unprecedented cyber heist, Qantas and nearly 40 global companies are on edge after hackers known as Scattered Lapsus$ Hunters have threatened to leak an astonishing 1 billion personal data records. This news comes as a chilling reminder that even the giants of industry are not immune to the clutches of digital criminals.
The hacker collective recently released an extortion note on a dark web data leaks site, demanding ransom in exchange for not sharing the stolen data. Among the high-profile names affected are Toyota, Disney, McDonald's, Puma, Cartier, Adidas, Air France-KLM, Google Adsense, Chanel, and of course, Qantas. The cyber gang is pressuring both these corporations and Salesforce—a platform allegedly connected to the breach—to engage in negotiations by October 10th.
Reportedly, the data was pilfered between April 2024 and September 2025, containing sensitive personal and contact information from customers and employees, including dates of birth, purchase histories, and even passport numbers. Alarmingly, the hackers have also indicated that they possess frequent flyer numbers from airline customers.
Previously, Qantas suffered a major cyber-attack in June that compromised the records of up to 6 million customers. In a bid to protect its clientele, a spokesperson assured that the airline is prioritizing “continued vigilance and providing ongoing support” following the breach. They even secured a court injunction to prevent any unauthorized access or release of the stolen data.
Meanwhile, Salesforce remains firm in its stance, stating they will not negotiate with the hackers and claim that their platform has not been compromised. “We are aware of recent extortion attempts... and our findings indicate these attempts relate to past or unsubstantiated incidents,” the company confirmed.
Aiden Sinnott, a security researcher from Sophos, highlighted that Scattered Lapsus$ Hunters have a notorious reputation for orchestrating large data leaks, often mixing misinformation with their threats. “These guys are unpredictable,” he remarked, indicating that if they indeed possess Qantas data, a leak is a real possibility.
According to the Google Threat Intelligence Group, this hacker collective is driven by financial motives and excels in sophisticated voice phishing campaigns. Their tactics are particularly effective in manipulating employees at multinational corporations into compromising situations, leading to shared sensitive information.
