Australian airline Qantas said it suffered a cybersecurity incident that impacted the personal data of millions of customers.

The carrier said it was contacting customers on Wednesday to inform them it had detected "unusual activity" on a third-party platform used by a Qantas airline contact center, which holds service records for 6 million people.

After discovering the unusual activity Monday, the company said it "took immediate steps and contained the system" and that all of its systems have remained secure ever since. The company is still investigating how much data was stolen, but it expects it to be "significant."

During an initial review, the airline discovered that some customers’ names, email addresses, phone numbers, birthdates and frequent flyer numbers were impacted.

However, the airline confirmed that credit card details, personal financial information and passport details are not held in this system. Frequent flyer accounts, passwords, PINs and log-in details weren't impacted.

"We sincerely apologise to our customers and we recognize the uncertainty this will cause. Our customers trust us with their personal information and we take that responsibility seriously," Qantas Group CEO Vanessa Hudson said in a statement.

The carrier also established a dedicated customer support line as well as a dedicated page on its website to provide the latest information to customers.

The cyberattack comes days after U.S. officials warned that a notorious cybercriminal group was targeting the airline sector.

The FBI posted on X last week that the cybercrime group "Scattered Spider" relies on "social engineering techniques, often impersonating employees or contractors to deceive IT help desks" to grant access to systems and steal sensitive data for extortion.

The group frequently involves methods to bypass multifactor authentication (MFA), such as convincing help desk services to add unauthorized MFA devices to compromised accounts.

"They target large corporations and their third-party IT providers, which means anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk," the FBI wrote.



The FBI's warning came one day after Hawaiian Airlines said it was addressing a cybersecurity event that has affected some of its IT systems. However, it said it was able to continue operating its full flight schedule. The Federal Aviation Administration (FAA) safety office said it was in contact with the airline and that there has been no impact on safety.

Kelly Siegel, CEO of trusted IT managed services provider company, National Technology Management, told FOX Business that the FBI's warning is "a stark reminder of how vulnerable even our most critical infrastructure remains."

"Cyber threats aren't hypothetical – they're a relentless reality, and our airlines are in the crosshairs," he said.