---
title: "Cybersecurity Infrastructure Gaps, UK Cyber Surge, Qantas Data Breach | DMARC Report"
description: "Cybersecurity Infrastructure Gaps, UK Cyber Surge, Qantas Data Breach from DMARC Report explains practical steps for email authentication, domain protection."
image: "https://dmarcreport.com/og/blog/cybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach.png"
canonical: "https://dmarcreport.com/blog/cybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach/"
---
Quick Answer
\_According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report Cybersecurity Infrastructure Gaps, UK Cyber Surge, Qantas Data Breach
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Infrastructure%20Gaps%2C%20UK%20Cyber%20Surge%2C%20Qantas%20Data%20Breach&url=undefined%2Fblog%2Fcybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach%2F&title=Cybersecurity%20Infrastructure%20Gaps%2C%20UK%20Cyber%20Surge%2C%20Qantas%20Data%20Breach "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Infrastructure%20Gaps%2C%20UK%20Cyber%20Surge%2C%20Qantas%20Data%20Breach&body=Check out this article: undefined%2Fblog%2Fcybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach%2F "Share via Email")
> From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.
\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report
Cybersecurity Infrastructure Gaps, UK Cyber Surge, Qantas Data Breach
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-32782” readonly/>
```
```
Hello people!
It feels like time is almost flying as we have entered the **third week of October**. Before we even realize it, 2025 will be over, and everyone out there will once again start preparing for the new year 2026\. But what about cyber preps? 2025 has already been a not-so-good year, given that multiple [cybersecurity](https://dmarcreport.com/blog/how-to-educate-or-train-employees-on-cybersecurity/) mishaps have already occurred this year. Are we ready for what awaits us in **2026**?
Only one thing can protect us from [state-of-the-art](https://www.researchexperts.in/what-is-state-of-the-art/) cyberattacks in 2026, and that is **cyber education**. That’s why we always keep you updated with the major cyber incidents from around the world.
We are back again with **week 3 cyber bulletin** ,and this time our focus will be on the under-equipped critical infrastructures that easily fall prey to [cyberattacks](https://www.aljazeera.com/news/2025/4/15/china-accuses-us-of-launching-cyberattacks-during-asian-winter-games).\_ Next, we will talk about a massive 50% boost in cyber incidents in the UK. Lastly, we will discuss the recent Qantas data leak mishap - thanks to Salesforce! Let’s get started with the details!
## Critical infrastructures are under-equipped when it comes to cybersecurity!
The infrastructure of any nation plays a critical role in its development. As more and more infrastructural setups across the \*\*globe are getting digitized to cater to the demand of modern times, they are gradually becoming a favorite among [threat actors](https://cybersecuritynews.com/iranian-threat-actors-attacking-u-s-critical-infrastructure/). One, because targeting a [critical infrastructure](https://www.cbsnews.com/news/china-hacking-us-critical-infrastructure-retired-general-tim-haugh-warns-60-minutes-transcript/) system can create massive damage to that nation, thereby creating panic and unrest among the people. Two, such cyberattacks often bring in a lot of money.
But why is it so easy to attack the infrastructure system across the globe? The reason is simple- a lack of fail-proof cybersecurity systems.
_From water treatment facilities to electric grids, from transportation systems to pipelines, every infrastructural system is getting targeted by threat actors left, right, and center_. The lack of adequate cybersecurity mechanisms is the major reason behind the vulnerability of the **crucial infrastructures**.
It is a very common practice to invest in cybersecurity when it comes to [IT networks](https://www.lawinsider.com/dictionary/it-network). But industrial controls and operations often get ignored, and that’s why it gets very easy for threat actors to target critical infrastructure systems of any country. From random [cybercriminals](https://gbhackers.com/cybercriminals-exploiting-expired-discord-invite-links/) to [state-sponsored hackers](https://moxso.com/blog/what-is-state-sponsored-hacking), every threat actor closely monitors the operation \*\*technology ecosystem in different nations to detect any kind of loopholes or weak points.
## \*\*A whopping 50% upsurge in cyber incidents in the UK The NCSC, or National Cyber Security Center, has stated that “**highly significant**” cyberattacks in the UK have witnessed a staggering [50% ](https://www.theguardian.com/technology/2025/oct/14/cyber-attacks-rise-in-past-year-uk-security-agency-says)spike. From ministers to national security officials and cybersecurity experts, everyone is urging individuals and business enterprises to buckle up and prepare a [fail-proof contingency plan](https://www.entrepreneur.com/en-gb/leadership/five-elements-of-a-fail-proof-contingency-plan-and-why/491432) in case they get targeted by cybercrooks.
The [NCSC](https://www.ncsc.gov.uk/news/ncsc-partners-share-guidance-for-communities-at-high-risk-of-digital-surveillance) believes that excessive reliance on digitization and sophisticated [ransomware attackers](https://www.voanews.com/a/ransomware-attacks-death-threats-endangered-patients-and-millions-of-dollars-in-damages/7520952.html) are responsible for this mind-numbing spike in cyber incidents in just one year. Experts recommend considering cyber-resilience as one of the serious topics to be included in boardroom meetings. Similarly, cyber risk management should be an **integral part of the governance**, believes Anne Keast Butler, the [GCHQ director](https://en.wikipedia.org/wiki/Director%5Fof%5FGCHQ).
Experts and authorities feel that [terrorist attacks](https://www.ndtv.com/world-news/nyt-slammed-by-us-government-over-its-reportage-of-kashmir-terror-attack-8249278) can have severe implications on the UK’s economy as well as the livelihood of common people. The current situation demands close cooperation among the government, concerned authorities, a team of experts, business organizations, and commoners. NCSC also expects [AI-initiated](https://www.capicua.com/blog/artificial-intelligence-cybersecurity), sophisticated cyberattacks to pose serious threats in the near future. So, being proactive and taking adequate \*\*precautionary measures are the only ways to combat the rise in threat incidents.
## Millions of Qantas customers vulnerable to threat attack as their personal data has been leaked!
Qantas, an **Australian-based airline company**, experienced a data breach back in July when cybercriminals targeted one of its customer support centers. The breach occurred as [cybercrooks](https://wtop.com/local/2025/04/cyber-crooks-scam-dc-md-and-va-out-of-848-million-in-2024/) managed to break into the networks of the [third-party service](https://www.websitepolicies.com/blog/third-party-service-provider)[ ](https://www.websitepolicies.com/blog/third-party-service-provider)[provider](https://www.websitepolicies.com/blog/third-party-service-provider), Salesforce.
_The hackers managed to gain unauthorized access to highly sensitive data such as email addresses, dates of birth, names of customers, contact numbers, and so on._ On Sunday, Qantas confirmed that the breach had compromised the data of over [5.7 million customers](https://www.theguardian.com/technology/2025/oct/14/cyber-attacks-rise-in-past-year-uk-security-agency-says) and that it had already been leaked on the [dark web](https://www.bbc.com/news/world-us-canada-68701958).
Alongside Qantas, the Salesforce breach has affected major companies like Google, Disney, Toyota, IKEA, McDonald’s, KLM Airlines, and Air France. The only \*\*silver lining among the dark clouds is that no financial information, passport details, or credit card data have been compromised so far.
To combat [phishing and email spoofing](https://www.msspalert.com/brief/novel-usps-spoofing-phishing-attack-relies-on-malicious-pdfs), organizations are implementing [DMARC](https://dmarcreport.com/), [DKIM](https://dmarcreport.com/what-is-dkim/), and [SPF](https://autospf.com/blog/spf-guide-understanding-sender-policy-framework/) protocols.
Experts believe that the group [Scattered Lapsus$ Hunters](https://www.scworld.com/news/scattered-lapsus-hunters-release-stolen-data-from-salesforce-customers) is behind the nerve-wracking cyberattack on **Salesforce**. Allegedly, the final deadline for ransom payment was 10th October. Now that the due date has passed, targeted companies fear that their [sensitive data](https://www.csoonline.com/article/3819170/nearly-10-of-employee-gen-ai-prompts-include-sensitive-data.html) may be leaked online.
The hackers managed to break into Salesforce systems by using the commonly used **identity impersonation technique**.
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ News ](/tags/news/)[ SPF ](/tags/spf/)
[ Vasile Diaconu ](/authors/vasile-diaconu/)
Operations Lead
Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.
[LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 4m Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing May 29, 2025 ](/blog/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/)[ Foundational 4m Africa Fights Cybercrime, Attention Farmers Customers, Apple Prevents Threats Aug 28, 2025 ](/blog/africa-fights-cybercrime-attention-farmers-customers-apple-prevents-threats/)[ Foundational 4m AI Scam Alert, Federal Cuts Vulnerability, American Tire Cyberattack Sep 9, 2025 ](/blog/ai-scam-alert-federal-cuts-vulnerability-american-tire-cyberattack/)[ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Infrastructure Gaps, UK Cyber Surge, Qantas Data Breach","description":"Cybersecurity Infrastructure Gaps, UK Cyber Surge, Qantas Data Breach from DMARC Report explains practical steps for email authentication, domain protection.","url":"https://dmarcreport.com/blog/cybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach/","datePublished":"2025-10-15T08:44:10.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2025-10-15T08:44:10.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/cybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach/"},"articleSection":"foundational","keywords":"dkim, DMARC, News, SPF","wordCount":1106,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Cybersecurity Infrastructure Gaps, UK Cyber Surge, Qantas Data Breach","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Infrastructure Gaps, UK Cyber Surge, Qantas Data Breach","item":"https://dmarcreport.com/blog/cybersecurity-infrastructure-gaps-uk-cyber-surge-qantas-data-breach/"}]}
```