SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Realistic person using smartphone laptop airport lounge cybersecurity icons
#
Data Protection
#
VPNs
#
MDM

Travellers warned on cybersecurity after Qantas data breach

Wed, 23rd Jul 2025
Author image
By Jed Nykolle Harme, Editor

Kadi Luggage has issued a warning to travellers regarding personal device cybersecurity following a breach involving a third-party customer service platform used by Qantas Airways' contact centre, which exposed the personal information of around six million customers.

The details accessed in the attack included names, email addresses, phone numbers, birth dates and frequent flyer numbers belonging to Qantas customers. The airline confirmed that no financial data or frequent flyer account credentials were obtained as part of this incident.

This event has drawn attention to the broader risks faced by individuals using digital devices and services as part of their travel, especially in busy environments such as airports. The increase in reliance on technology for travel arrangements, ticketing, and in-transit communications has made cyber threats a growing concern for both companies and passengers.

Personal safety risks

Harry Sanders, CEO of Kadi Luggage, commented that there is considerable risk surrounding traveller data, stating:

"The Qantas breach serves as a stark reminder that travellers' personal information is a prime target for cybercriminals.
Airports and airlines are interconnected hubs of sensitive data, making them attractive targets for cyberattacks. It's imperative that travellers remain vigilant and adopt proactive cybersecurity measures. Taking these precautions seriously can help protect individuals from identity theft, financial loss, and long-term privacy breaches."

Common technologies such as smartphones, tablets, laptops and smartwatches are constantly seeking Wi-Fi connections, syncing data and storing personal details, potentially exposing users to cybercrime. In an environment such as an airport, where travellers are often distracted and under time pressure, the risk increases significantly.

Cybercriminals may use the opportunity to exploit these conditions to gain unauthorised access to data – information that can then be used for fraudulent activities such as identity theft, financial scams or unauthorised account access.

Travellers are urged to remember that the issue of cybersecurity extends beyond the IT department – it is described as a personal safety matter that should be prioritised throughout any journey.

Risks in the airport environment

Kadi Luggage has identified several specific threats facing travellers in airport environments across Australia. These include:

OMG cables: Devices which mimic ordinary USB charging cables but are modified to record keystrokes, inject malicious code or enable remote access by attackers. These may be distributed in public areas or purchased online, designed to catch unsuspecting users.

Fake airport Wi-Fi networks: Cybercriminals can establish wireless networks with names that closely resemble official airport Wi-Fi services, such as "Free_Airport_WiFi". If a traveller connects to one of these, their internet activity may be monitored and personal data including login and financial information could be stolen.

Juice jacking: Public USB charging ports in airport lounges or boarding gates can be tampered with, allowing malicious software to be installed on connected devices or data to be accessed surreptitiously. Since USB ports transmit both power and data, using one without protection can present a security hazard.

Precautionary measures

Kadi Luggage has published a list of recommendations for anyone travelling through airports:

• Avoid using public USB charging ports. Instead, use a personal wall charger plugged into a standard power outlet, or carry a fully charged power bank.

• Carry data-blocking USB adapters, which allow charging but block the data pins to prevent malware installation or data theft when using public USB ports.

• Disable the auto-connect feature for Wi-Fi on devices. This prevents devices from connecting unknowingly to unauthorised networks. Manual verification of the official airport network is advised before joining any network.

• Use a reputable Virtual Private Network (VPN) app on devices to encrypt data transmitted over public Wi-Fi connections.

• Ensure that all devices, apps and browsers are fully updated before leaving for travel. Security vulnerabilities are frequently patched via updates, so keeping systems current is key to protection.

Additionally, activating two-factor authentication (2FA) on important accounts prior to travel is recommended, as it provides an extra layer of security, even if login credentials are compromised.

The recent breach impacting Qantas customers highlights ongoing challenges in securing digital information within the travel sector and the necessity for vigilance and good digital hygiene by all travellers.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Phishing services drive 389% surge in account breaches
isVerified launches AI voice deepfake defence for execs
SEON posts rapid growth & raises USD $80m Series C
ChatGPT drives bulk of enterprise generative AI data risk
BioCatch warns AI agents will supercharge online fraud

Top stories

Executive-level CISO titles surge amid rising scope strain
Asimily boosts Cisco ISE with new device microsegmentation
Cyb3r Operations raises $5.4m to tackle cyber risk
Deepfake boom fuels relentless wave of celebrity scams
Visionplatform.ai adds AI agents to Milestone XProtect