Qantas cyber attack: What we know about the 'significant' customer data breach

The records of nearly six million customers may have been compromised in a cyber attack on Qantas, but the airline said credit card details, financial information, and passport details were not part of the breach.

The tail of a Qantas plane with blue sky overhead.

Qantas has released a statement saying it detected unusual activity on a third-party platform used by one of its contact centres. Source: AAP

Australian airline Qantas has confirmed a "significant" data breach after cybercriminals broke into a third-party platform used by one of its contact centres.

The airline discovered "unusual activity" on Monday but said in a statement it moved quickly to contain the issue.

The airline said six million customers had service records on this platform.

Qantas said in a statement: "We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant. An initial review has confirmed the data includes some customers' names, email addresses, phone numbers, birth dates and frequent flyer numbers."

The airline said there is no impact on its operations or the safety of its passengers.
Qantas Group chief executive Vanessa Hudson said the company was working closely with the National Cyber Security Coordinator and the Australian Cyber Security Centre.

"We sincerely apologise to our customers and we recognise the uncertainty this will cause. Our customers trust us with their personal information, and we take that responsibility seriously," she said.

"We are contacting our customers today, and our focus is on providing them with the necessary support."

Was any information stolen?

Qantas said the data included names, email addresses, phone numbers, birth dates, and frequent flyer numbers of some customers.
But no credit card details, passport data, passwords, or PINs were stored on the compromised platform.

Qantas said it has notified the Office of the Australian Information Commissioner and the Australian Federal Police, and independent cybersecurity experts are assisting with the investigation.

What to do if your data has been compromised

The airline is emailing affected customers and has set up a dedicated support line at 1800 971 541 (or +61 2 8028 0534 from overseas).

If you suspect your data has been compromised, call the Australian Cyber Security Hotline on 1300 CYBER1 or 1300 292 371.

Mohiuddin Ahmed, a senior lecturer in computing and security at Edith Cowan University, said customers should change their email passwords and set up multi-factor authentication if they haven't already.

"Also, be very vigilant for scam calls, texts and phishing emails. Given the stolen information, sophisticated scammers will target these affected customers," Ahmed said.


For the latest from SBS News, download our app and subscribe to our newsletter.

Share
2 min read

Published

Updated

By Julia Abbondanza
Source: SBS News


Share this with family and friends


Get SBS News daily and direct to your Inbox

Sign up now for the latest news from Australia and around the world direct to your inbox.

By subscribing, you agree to SBS’s terms of service and privacy policy including receiving email updates from SBS.

Download our apps
SBS News
SBS Audio
SBS On Demand

Listen to our podcasts
An overview of the day's top stories from SBS News
Interviews and feature reports from SBS News
Your daily ten minute finance and business news wrap with SBS Finance Editor Ricardo Gonçalves.
A daily five minute news wrap for English learners and people with disability
Get the latest with our News podcasts on your favourite podcast apps.

Watch on SBS
SBS World News

SBS World News

Take a global view with Australia's most comprehensive world news service
Watch the latest news videos from Australia and across the world
Qantas cyber attack: What we know about the 'significant' customer data breach | SBS News