
Qantas Cyberattack: 5.7 Million Customers Affected in Data Breach

On Wednesday, Australian airline Qantas confirmed a significant data breach affecting the personal information of approximately 5.7 million customers. This cyberattack occurred at one of its call centers last week, raising concerns about data security.

Details of the Cyber Incident

According to Qantas, the breach involved a cybercriminal gaining unauthorized access to a third-party customer service platform utilized by the airline’s contact center. Although the breach was contained quickly, a substantial volume of customer data was compromised.

Fortunately, a forensic investigation conducted with the help of cybersecurity experts revealed that sensitive information, such as credit card numbers, passport details, and login credentials (including passwords and PINs), was not stored within the affected system and thus remains secure.

As of now, there is no evidence of the compromised data being leaked or misused, but Qantas is committed to monitoring the situation diligently.

Who Was Impacted?

After eliminating duplicate entries, Qantas confirmed that the compromised system contained personal data for 5.7 million unique customers, with the specifics varying by individual. Here’s a breakdown of what data was exposed:

  • 4 million customers: Information limited to names, email addresses, and Qantas Frequent Flyer details:
    • 2 million: name and email address only
    • 2 million: name, email address, and Frequent Flyer number (most included tier level; a few included points balances and status credits)
  • Of the remaining 1.7 million customers: Records included a mix of the above data fields along with one or more of the following:
    • 3 million: combinations of residential and business addresses, including hotel information for misplaced baggage delivery
    • 1 million: date of birth
    • 900,000: phone numbers (mobile, landline, and/or business)
    • 400,000: gender
    • 10,000: meal preferences

Records were identified using unique email addresses, which means individuals with multiple email accounts may appear multiple times in the system.

Qantas’ Response

Qantas has begun reaching out to affected customers via email, informing them about the types of personal data that were compromised. Additionally, the airline has established a dedicated 24/7 support hotline for identity protection assistance: 1800 971 541 (Australia) or +61 2 8028 0534 (international).

Vanessa Hudson, Qantas Group Chief Executive Officer, emphasized the airline’s commitment to transparency and customer support. “Our absolute focus since the incident has been to understand what data has been compromised for each of the 5.7 million impacted customers and to share this with them as soon as possible,” Hudson stated.

“From today, we are reaching out to customers to notify them of the specific personal data fields that were held in the compromised system and offer advice on how they can access the necessary support services,” she added.

In response to the incident, Qantas has implemented additional cybersecurity measures to further protect customer data and is actively reviewing the circumstances surrounding the breach, maintaining ongoing communication with the National Cyber Security Coordinator, the Australian Cyber Security Centre, and the Australian Federal Police.

Steps Customers Can Take

While the breach did not expose sensitive financial information, Qantas advises all customers to take general precautions:

  • Be vigilant against suspicious emails, texts, or calls claiming to be from Qantas.
  • Avoid sharing passwords or sensitive account information.
  • Enable two-step authentication for personal email and online accounts.
  • Stay informed about the latest threats through trusted sources like the Australian Cyber Security Centre and the National Anti-Scam Centre’s Scamwatch webpage.
  • Visit IDCARE for valuable personal security resources.
  • If you suspect you have been targeted by a scam, report it to Scamwatch.

 
