Since Wednesday, the airline has been emailing the roughly 5.7 million affected customers to tell them exactly what information of theirs had been compromised in the hack on a call centre.

However, some customers have today received a second email from the airline, informing them more data had been stolen than first thought.

A Qantas spokesperson told 9news.com.au that, in the vast majority of these cases, it had discovered through its ongoing investigation into the incident that customers’ phone numbers had been stolen, on top of the other information they had been informed of earlier in the week.

The exact number of people who have received this second email is currently unknown, however Qantas had previously said about 900,000 people and businesses had their phone number stolen.

“We are writing to provide you with an update following our previous email about the cyber incident on Monday, 30 June 2025,” the emails seen by 9news.com.au read.

“Our ongoing investigation has identified that your phone number details were accessed in addition to the data types we previously advised.

“We recommend you remain vigilant for any unexpected contact by phone, in addition to the email and text message precautions we outlined in our previous communication.”

However, it has stressed no login details, credit card numbers, payment details or passport numbers have been compromised.