The Qantas privacy finding: a positive lesson in third-party oversight

A serious data breach does not automatically mean governance failed.

The more important question is whether an organisation can demonstrate that it understood the risks, assessed the third party, monitored its controls and responded effectively when something went wrong.

The OAIC’s report into the 2025 Qantas data breach provides a valuable example.

What happened?

The breach affected approximately 5.12 million Australians after a threat actor used phone-based social engineering to deceive an employee of an overseas contact centre provider.

Despite the scale of the incident, the OAIC’s preliminary inquiries did not identify evidence suggesting Qantas had failed to take reasonable steps to protect personal information or oversee its third-party provider.

That matters—not because Qantas prevented the incident, but because it could demonstrate an active system of third-party governance.

What Qantas could demonstrate

Before the breach, Qantas had:

  • assessed the provider before onboarding
  • conducted cyclical supplier audits
  • recently completed an onsite security assessment
  • assessed technical, operational, privacy and data governance controls
  • required recurring cyber and privacy training
  • tracked and reported training completion
  • established contractual privacy and security obligations
  • maintained audit rights
  • implemented role-based access controls
  • operated data retention and deletion processes.

Qantas could therefore produce evidence that it had continued to assess the provider after the contract was signed.

This is more meaningful than relying on a supplier questionnaire, compliance certificate or contractual promise.

The lesson for third-party risk management

Ongoing assessment cannot guarantee that a breach will never occur. It can demonstrate that the organisation took reasonable steps to understand and manage the risk.

A mature third-party assessment should ask:

  • Are the expected controls operating effectively?
  • Has the supplier’s risk profile changed?
  • Have staff completed required training?
  • Are access permissions still appropriate?
  • Is personal information being retained only while needed?
  • Have identified weaknesses been addressed?
  • What is our current level of comfort in the controls?

This creates a defensible history of what the organisation knew, what it assessed and what actions it took.

The direct connection to AI

The same approach is essential when third parties provide AI models, platforms or AI-enabled services.

AI providers can change their models, data practices, subprocessors, security arrangements and system capabilities after the initial assessment. A product that was appropriate when approved may operate very differently six months later.

The OAIC’s guidance on commercially available AI products explicitly warns against a “set and forget” approach. Organisations should regularly review product performance, staff training and monitoring throughout the AI lifecycle.

Ongoing AI supplier assessments should examine:

  • what personal or sensitive information the system accesses
  • whether inputs or outputs are used to train models
  • where data is processed and retained
  • whether new subprocessors or external tools are involved
  • whether changes affect the approved use case
  • whether outputs remain accurate and reliable
  • whether human oversight is operating
  • whether security incidents and weaknesses are addressed.

This becomes even more important with agentic AI, where systems may access data, interact with external tools or initiate actions with limited human direction.

The governance takeaway

The OAIC’s report does not give Qantas a blanket endorsement, nor does it conclude that every control was perfect.

It does, however, show the value of continuing to assess third-party performance and retaining evidence of that oversight.

The objective is not to claim that a supplier is risk-free. It is to understand whether its controls continue to operate effectively—and to be able to prove it when it matters.

More from the Reading Room

Using AI Risk Management to Accelerate Innovation

New Diligent Institute / Governance Institute of Australia data shows 61% of Australian boards restrict employee AI use while only 13% have an AI-literate director — proof that restriction and real governance are pulling apart. NIST's expanding AI Risk Management Framework and the EU AI Act's 2 August 2026 third-party accountability deadline show how structured, evidence-based workflows are what actually let AI adoption move faster, safely.

APRA’s CPS 230 Tweaks: Small Amendment, Big Governance Signal

APRA has released final targeted amendments to CPS 230 Operational Risk Management. The item is current and sits within APRA’s prudential framework, so boards and risk teams should treat it as a live governance and…

AI Agents and Non-Human Identity Risk

When a single ungoverned AI tool gave attackers a path from a Vercel employee’s device into Vercel’s internal systems, and a poisoned VS Code extension let attackers pull roughly 3,800 repositories out of GitHub, the common thread wasn’t a coding flaw — it was an unmanaged non-human identity. With AI agents now driving machine identities to roughly 109 per human inside the average enterprise (CyberArk, 2026), most governance frameworks still treat identity as a human-only problem.

AI Risk Management Must Shift from Advisory to Driving Informed Risk Taking

Commonwealth Bank's 2026 AI transparency report, Deloitte's board AI-literacy data and PwC's 2026 AI Performance Study all point the same way: risk teams stuck in a purely advisory role are becoming a competitive liability, not a safeguard. Here's what separates governance that enables from governance that only gates.