334/68 Thursday, September 11, 2025
Qantas Group, Australia’s largest airline, announced a 15% reduction in short-term performance-based compensation for senior executives, including current CEO Vanessa Hudson, amounting to $250,000. The decision was made to demonstrate accountability for the cyberattack earlier this year, which had a significant impact on customers. The pay cut was disclosed in Qantas’ 2025 annual financial report, where despite strong business performance, the board emphasized that the consequences of the incident could not be overlooked.
According to the report, Qantas detected the attack on June 30, when hackers breached a third-party provider connected to its customer service center. The breach exposed the personal information (PII) of more than 5.7 million passengers. Most of the stolen data included names, email addresses, and frequent flyer membership numbers. Some customers also had additional details leaked, such as addresses, birthdates, and phone numbers. However, the airline stressed that no sensitive data-such as credit card details, financial information, passports, or account passwords—was compromised.
The attackers were identified as UNC6040, part of the same network as the ShinyHunters group, which has previously targeted global companies such as Adidas, Pandora, and Cisco by exploiting Salesforce platforms to access corporate back-end systems. In response, Qantas implemented stronger security measures, including two-factor authentication (2FA), and warned customers to remain vigilant against phishing emails and scams impersonating Qantas staff. The company emphasized that the executive pay cuts reflect its accountability to both shareholders and passengers, while a deeper investigation into the breach remains ongoing.
Source https://www.darkreading.com/cyberattacks-data-breaches/qantas-reduces-executive-pay-cyberattack
