Australian airline Qantas on Wednesday confirmed that personal data of 5.7 million customers was compromised in a cyberattack involving one of its call centres last week.
Table Of Contents
What Happened
According to Quantas, the breach that occurred last week saw a cybercriminal gaining access to a third-party customer servicing platform used by the airline’s contact centre.
Although the system was contained, a “significant” amount of data belonging to approximately 5.7 million customers was stolen. However, a forensic investigation, supported by cybersecurity experts, has confirmed that sensitive data such as credit card numbers, passport details, and login credentials—including passwords and PINs—were not stored in the affected system and therefore have not been accessed.
So far, there is no evidence that any of the compromised data has been leaked or misused, but Qantas says it will continue to monitor the situation closely.
Who Is Affected
After removing duplicate records, Qantas identified that personal data for 5.7 million unique customers was stored in the compromised system, which varied from person to person.
Here’s a summary of what was exposed:
- 4 million customers had data limited to names, email addresses, and Qantas Frequent Flyer details:
- 2 million customers: name and email address only
- 8 million customers: name, email address, and Qantas Frequent Flyer number (most included tier level; a few of these included points balance and status credits)
- Of the remaining 1.7 million customers, their records included a combination of some of the data fields above and one or more of the following:
- 3 million: combination of residential addresses and business addresses, including hotels for misplaced baggage delivery.
- 1 million: date of birth
- 900,000: phone numbers (mobile, landline, and/or business)
- 400,000: gender
- 10,000: meal preferences
Customer records were identified using unique email addresses, so individuals with multiple email accounts may have multiple entries in the system.
How Qantas Is Responding
Qantas has started sending emails to notify affected customers to advise them of the types of their personal data that were contained in the impacted system. The airline has also set up a dedicated 24/7 support line offering specialist identity protection assistance: 1800 971 541 (Australia) or +61 2 8028 0534 (international).
Vanessa Hudson, Qantas Group Chief Executive Officer, said the airline’s priority is transparency and customer support.
“Our absolute focus since the incident has been to understand what data has been compromised for each of the 5.7 million impacted customers and to share this with them as soon as possible,” Hudson said.
“From today we are reaching out to customers to notify them of the specific personal data fields that were held in the compromised system and offer advice on how they can access the necessary support services,” he added.
“Since the incident, we have put in place a number of additional cyber security measures to further protect our customers data, and are continuing to review what happened. We remain in constant contact with the National Cyber Security Coordinator, Australian Cyber Security Centre and the Australian Federal Police. I would like to thank the various agencies and the Federal Government for their continued support.”
What Customers Can Do
While the breach didn’t expose critical financial details, the airline is advising all customers to take general precautions:
- Be cautious with suspicious emails, texts, or calls claiming to be from Qantas.
- Don’t share passwords or sensitive account details.
- Use two-step authentication, such as an authentication application, for personal email accounts and other online accounts.
- Stay updated on the latest threats via trusted sources like the Australian Cyber Security Centre and the National Anti-Scam Centre’s Scamwatch webpage.
- Visit IDCARE for personal security resources.
- Anyone who suspects they have been targeted by a scam should report it to Scamwatch.
