SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Airplane digital lock cybersecurity aviation distressed crowd digital data australian airport
#
UC
#
Data Protection
#
CX

What the Qantas breach is teaching us about crisis management

Wed, 2nd Jul 2025
Author image
By Sean Mitchell, Publisher

Qantas, Australia's national carrier, has confirmed that a major data breach has compromised the personal information of up to six million customers, prompting a wave of responses from business leaders and crisis management experts. The breach, which reportedly originated from a third-party contact centre platform, underscores escalating concerns about cybersecurity vulnerabilities in the aviation sector and among organisations handling large volumes of sensitive data.

In the wake of the incident, Candice Gersun, Senior PR and Communications Director at Reconnect PR, emphasised the vital importance of transparent, coordinated communication. "When a major airline like Qantas experiences a cyber attack, clear and timely communication is essential. Qantas's Communication and PR team must work closely with C-suite executives, legal, compliance and cybersecurity teams to ensure aligned messaging that protects customer trust and meets regulatory expectations. Silence or delay creates a vacuum that fuels speculation, misinformation and reputational damage," Gersun said. She further noted the need for legal and communications teams to balance transparency with legal risk, warning that how the company communicates during such a crisis matters as much as the technical response itself. "Customers understand that cyber attacks happen, but they expect honesty, accountability and leadership."

Andrew Knowles, Founding Partner of SKMG and an experienced crisis communications professional, remarked on the pressure facing Qantas' new CEO, Vanessa Hudson. "Qantas' reputation remains a raw nerve for most Australians, making new CEO Vanessa Hudson's crisis management crucial. Early signs suggest she's handling this cyber incident better than her predecessor," he observed. Knowles pointed to the importance of fast acknowledgement and clarity, especially relating to what customer data remains secure, including frequent flyer numbers, PINs, and credit card details. He suggested that while cyberattacks are now almost expected by regular consumers, companies are judged by their handling of the aftermath—not by an unattainable standard of perfect prevention. "Hudson has a real opportunity to rebuild trust through action: customers don't need all the answers upfront, but they do want evidence of work being done to find them. The key will be whether Qantas maintains frequent updates showing genuine progress or goes silent after this initial response."

On the technical and operational front, Richard Valente, Vice President of Customer Experience Strategy at TP in Australia, highlighted the vulnerability created by remote workforces. "Humans are the weakest link in a data breach. When large numbers of staff work remotely, whether in a call centre or from home, they are more susceptible to scams and hackers," Valente said. He discussed his company's use of advanced technological and artificial intelligence-driven methods to bolster security while supporting remote teams, including protocols that can shut down an employee's computer in the event of suspicious activity. Valente urged Qantas to go beyond technology, advocating for a blend of AI-driven security and emotional intelligence in its customer interactions. "Consumers expect authentic, empathetic, person-to-person interactions when sensitive information has been compromised," he said.

Adding a behavioural science perspective, Renata Freund, Founder of Honeycomb Strategy, warned of the long-term repercussions data breaches hold for customer trust. "This cyber-attack on Qantas's third-party contact centre platform demonstrates that data breaches extend far beyond technical vulnerabilities, they fundamentally impact customer trust and corporate reputation," Freund stated. Citing Honeycomb Strategy research, she noted that the first 72 hours following a breach are critical for trust recovery. Freund commended Qantas for its initial steps in establishing dedicated customer support but stressed the ongoing need for communication and visible improvements, particularly in third-party vendor oversight, to reassure both affected and unaffected customers and to maintain market confidence.

Industry observers will be closely monitoring Qantas's continued response, leadership transparency, and its ability to strengthen cybersecurity measures in the hope of restoring and preserving customer trust in the months ahead.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Why remuneration disclosure breaches increased 695% last year
Boomi recognises APAC innovation with awards for digital impact
Rising cyber threats drive businesses to adopt MSSP solutions
Phishing kits & steganography drive new wave of email threats
Milestone reveals city AI model as hackathon prize hits EUR €5,000

Top stories

Microsoft to enable in-country Copilot data processing by 2026
Anthropic identifies AI-driven cyber-espionage campaign
Experts reveal why traditional accounts payable is dead
Samsung’s Knox Security framework - Smart, secure and scalable
Why Australian organisations must automate accounts payable now