It started with a simple phone call.
A calm, professional voice claiming to be from IT support.
But that voice wasn’t human, it was artificial intelligence.
And in minutes, it opened the door to one of Australia’s most alarming cyberattacks.
The Qantas Data Breach That Shook the Nation
On June 30, Qantas confirmed a serious data breach linked to its Manila-based call centre, exposing customer names, email addresses, phone numbers and frequent flyer details.
Hackers used AI-generated voices in a scheme known as “vishing” (voice phishing), tricking staff into installing what appeared to be Salesforce’s Data Loader tool. In reality, it was malware that granted full access to customer databases stored in Salesforce accounts.
According to The Daily Telegraph,
“The data leak site claimed to have 153 gigabytes worth of Qantas data in its possession, representing the personal details of 5.7 million customers stolen from the airline’s Manila call centre.”
That’s 5.7 million Australians whose personal details could now be weaponised in targeted scams, identity theft, and phishing attacks.
When Hackers Sound Human
This wasn’t a code exploit, it was a psychological one.
Cybercriminals used AI to replicate real IT voices, complete with accent, tone, and urgency. The result? Employees trusted them instantly.
It’s a chilling evolution of cybercrime: where AI deepfakes, cloned voices, and human trust collide.
Even trained professionals can be fooled. And once a fake IT call installs malicious software, no firewall or antivirus can stop it.
The Hidden Cost of One Mistake
The Qantas vishing attack is more than a data leak, it’s a wake-up call for every organisation.
Here’s what makes these attacks so dangerous:
- 🧠 AI can mimic real voices of managers or IT staff.
- ⏱️ Scammers create urgency, making victims act before they think.
- 🏢 Business tools like Salesforce become perfect camouflage for malware.
- 🔓 One employee error can expose millions of customer records.
Even worse, criminals can combine Qantas data with other breached databases to craft hyper-personalised scams that feel legitimate — targeting you, your business, or your family.
How to Protect Yourself and Your Organisation
Cybersecurity isn’t just a technical problem, it’s a human one.
And that’s exactly where prevention starts.
Here are the essential steps:
- Enable Two-Factor Authentication (2FA) on all platforms.
- Regularly train staff to recognise vishing and phishing tactics.
How Cyber Anchor Can Help
At Cyber Anchor, we make cybersecurity simple, accessible, and human.
Our Online Cyber Awareness Training Course helps you and your team:
- Recognise AI voice scams before it’s too late.
- Identify fake tech-support calls and social engineering traps.
- Protect sensitive customer data and stop insider threats.
You don’t need to be a tech expert: you just need the right knowledge.
Online Safety Made Easy:
Simple and easy to understand cybersecurity solutions designed for everyone
No Expert Knowledge Required:
Just an open mind and the application of easy, practical online safety tipes
Don’t wait until it’s too late: learn how to protect your personal information today.
Take action now and sign up to Cyber Anchor to join our free talks and our community to discover how we can help you stay safe online. Let us help you understand the latest threats and provide the tools you need to protect yourself and your family from cybercrime.
Learn more about Cyber Anchor solutions and start your journey to a safer internet experience today.