Customers at McDonald’s, Disney, Adidas and 41 Other Companies Have Personal Information Exposed As Hackers Dump Trove of Records on Darknet: Report

A notorious hacker group has reportedly exposed customer data from over 40 companies worldwide, including Qantas, McDonald’s, Disney, Ikea, Adidas, Gap, Vietnam Airlines and Toyota.

Among the victims are five million Qantas customers, who had their personal details leaked on the dark web after unmet ransom demands, reports The Guardian.

The records were stolen between April 2024 and September 2025, with public leaks by Scattered Lapsus$ Hunters emerging in early October 2025 after a ransom deadline passed.

The Qantas data breach has exposed a trove of the airline’s records including customers’ email addresses, phone numbers, birth dates and frequent flyer numbers.

For other affected companies, the stolen data covers personal and contact information of customers and employees, such as dates of birth, purchase histories and passport numbers.

No credit cards or financial data was stolen.

According to Jeremy Kirk from Intel 471, a well-known hacker collective known as Scattered Lapsus$ Hunters is behind the extortion and leak.

Qantas says it has a 24/7 support line available and is offering specialist identity protection advice to affected customers.