Qantas Airways Penalizes CEO For July Data Breach

SYDNEY — Senior executives’ annual bonuses at Qantas (QF) have been reduced following a cyberattack in July, which exposed information on 5.7 million people.

Pay Reduction Reflecting Shared Responsibility

Qantas reported a profit of $1.5 billion in the last fiscal year. Yet, the airline acknowledged the seriousness of the cyber incident and decided to reduce short-term bonuses by 15% for the CEO and Executive Management.

For the CEO of Qantas, Vanessa Hudson, a 15% pay reduction equals approximately $250,000.

“While management took immediate action to contain the breach, support customers and put additional protections in place, in recognition of the seriousness of the incident, we decided to reduce 2024/25 short-term bonuses by 15 percentage points for the CEO and Executive Management,” said  John Mullen, Qantas Group Chairman.

Mullen explained that the decision reflects shared accountability, efforts to support customers, and the implementation of additional preventive measures.

Cyber Attack In July

The investigation into the cyber attack is still ongoing. Qantas is observing an increase in social engineering threats and using lessons learned from incidents to strengthen its risk management framework.

Qantas reported that 2.8 million customers had names, email addresses, and Qantas Frequent Flyer numbers leaked, and 1.7 million other customers had home addresses, dates of birth, phone numbers, meal preferences, or genders leaked.

Qantas representatives assured that no credit card or passport details were exposed, and Qantas Frequent Flyer accounts are safe from breach.

A cyber attack followed a warning about a campaign targeting the airline industry by members of the Scattered Spider cybercriminal group.

Hackers from the Shiny Hunters hacker group claimed responsibility for the attacks, which involved exploiting platforms and systems connected to Salesforce.