Qantas gains ruling over data hack hitting dark web

Meanwhile, law firm Maurice Blackburn said on Friday it has lodged a complaint with the Office of the Australian Information Commissioner (OAIC) on behalf of affected Qantas customers.

Legal experts suggest the incident could lead to a class action against the carrier after compensation claims were made against Optus and Medibank following major data breaches in 2022.

Qantas has emphasised that even though the personal details of 5.7 million customers were compromised via a hack in one of its offshore call centres, no credit card details, personal financial information or passport details have been accessed.

"We want to do all we can to protect our customers' personal information and believe this ( injunction) was an important next course of action," the airline said on Thursday.

The names, email addresses and frequent flyer details of four million customers were exposed.

The remaining 1.7 million customers had more data taken, including their names, email addresses, dates of birth, phone numbers, personal or business addresses, gender and meal preferences.

A statement of claim lodged in the NSW Supreme Court on Wednesday identified the defendant as "persons unknown".

It defined them as any person or entity that carried out or aided in the cyber hack and that "communicated payment details" to the plaintiff Qantas.

The carrier previously said a possible cybercriminal had contacted it about the data breach but it confirmed in the claim that no ransom has been paid.

The airline demanded the defendant also "take all steps to immediately remove all and any of the impacted dataset ... from all accessible internet locations".

It also included any publication on the "dark web".

Australian Federal Police investigators are also probing the breach.