Social Engineering and the Recent Qantas Data Breach
By Eszter Coombs, Content Author at GRC Solutions
In July 2025, Qantas reported a data breach which compromised 5.7 million of its customersā personal information. It was the consequence of a malicious cyber-attack.Ā
How Social Engineering Bypasses Traditional Cyber Defences
Attackers apparently targeted a Qantas call centre located in Manila and operated by a third party. They spoke with an operator and by means of impersonation gained access to a platform housing Qantas customer data. Deception of this kind over the phone is known as āvishingā ā which combine the words āvoiceā and āphishingā.Ā
Building a Human Firewall: Training and Awareness StrategiesĀ
The attackersā approach illustrates the threat to a companyās cyber security posed by forms of social engineering. Social engineers manipulate the trust of individuals as a means of infiltrating organisations. They aim to bypass larger security systems by playing on human error, weakness and emotion.Ā Ā
The Office of the Australian Information Commissioner has published figures showing that more than one in four (115 of a total of 404) data breaches reported in Australia in the second half of 2024 occurred because of social engineering.Ā Ā
Within many organisations, well-meaning individuals pose the greatest threat to cyber security.Ā
Equip your People Against Social Engineering
GRC Solutions offers courses in, Cyber Security and Fraud Awareness designed to equip staff as a crucial line of defence against scammers and hackers.Ā Ā
Our lesson content introduces the āmovesā involved in social engineering and other forms of compromise, to empower individuals to recognise and repel threats.Ā
Our courses are regularly updated to reflect legal changes and industry best practice and delivered via the award-winning Salt Compliance Learning Management System.Ā
Start Preparing Now
Contact us to discuss vital tailored eLearning for your team.Ā
