By Chris Zappone,David Swan

Copyright smh

Airline giant Qantas is bracing for the fallout from a massive cyberattack that has swept up nearly 40 major corporations, with hackers threatening to leak sensitive passenger data unless ransoms are paid by Friday.

Hacker collective Scattered Lapsus$ Hunters claims to have stolen almost 1 billion records by targeting customers of cloud technology giant Salesforce. Their weapon of choice? – “Vishing” or voice phishing – where hackers pose as legitimate employees and call company IT help desks, convincing unsuspecting staff to grant them access.

The group has given high-profile companies including Qantas, Toyota, Disney and Ikea just days to begin ransom negotiations. The stolen data reportedly includes customer dates of birth, passport numbers and purchase histories collected between April 2024 and September 2025.

Qantas said it was aware of a post that contains samples of data stolen from itself and about 40 other companies. The airline says it is actively monitoring the situation with the help of specialist cybersecurity experts.