Exclusive: More than a million Qantas customers had more of their data stolen in last week’s massive cyberattack than they were first told.

Since Wednesday, the airline has been emailing the roughly 5.7 million affected people to tell them exactly what information of theirs had been compromised in the hack on a call centre.

However, today, 1.1 million of those customers received a second email from the airline, informing them more data had been stolen than first thought.

A Qantas A380 aircraft passes Gate 20 at The Beach, Mascot on the perimiter of Sydney Airport. Qantas.
Qantas has told some custers they had more data stolen in last week’s cyberattack than they were first told. (Wolter Peeters/SMH)

In the vast majority of these cases, customers’ phone numbers have been stolen, on top of the other information they had been informed of earlier in the week.

“We will this evening have completed emailing all of the customers impacted in the cyber incident that had an email address in the system,” a Qantas spokesperson told 9news.com.au.

“As part of our ongoing analysis of the data, we’ve identified some customers who we had already emailed in recent days who also had data in the ‘business phone’ field.

“We are emailing customers this afternoon to advise them.”

Qantas had previously said about 900,000 people and businesses had their phone number stolen in the hack.

“We are writing to provide you with an update following our previous email about the cyber incident on Monday, 30 June 2025,” the new emails seen by 9news.com.au read.

“Our ongoing investigation has identified that your phone number details were accessed in addition to the data types we previously advised.

An excerpt of the email sent to some Qantas customers.
An excerpt of the email sent to some Qantas customers. (Nine)

“We recommend you remain vigilant for any unexpected contact by phone, in addition to the email and text message precautions we outlined in our previous communication.”

Qantas confirmed on Wednesday that email addresses, phone numbers, addresses, dates of birth, genders and even meal preferences in some cases had been stolen, as well as frequent flyer numbers, points balances, tiers and status credits.

However, it has stressed no login details, credit card numbers, payment details or passport numbers have been compromised.

You May Also Like

Dave Portnoy goes scorched earth after losing bet on wild Yankees comeback

Gambling content 21+. The New York Post may receive an affiliate commission…

Trump warns he's about to make a 'major' statement against Russia

Two days after complaining about Vladimir Putin’s “bulls—“, Donald Trump says he’s…

JD Vance's Wife Usha Revealed A Jarring Moment That Won't Help Those Divorce Rumors

By Lea B July 11, 2025…

Rolling Stones rocker Mick Taylor stunned to learn ‘stolen’ guitar somehow wound up at Met Museum

It’s a rock ’n’ roll mystery — call it the case of…