Qantas has confirmed a cyber incident occurred in one of its contact centres, affecting customer data. The system is now contained, and customers are being contacted to inform them of the breach and provide support.
The incident happened when a cybercriminal targeted a third-party customer servicing platform used by a Qantas airline contact centre. No operations or safety were impacted, but 6 million customers’ service records on this platform have been compromised.
Stolen data includes names, email addresses, phone numbers, birth dates, and frequent flyer numbers. Credit card details, personal financial information, and passport details are not held in the system. Passwords, PIN numbers, and log-in details remain secure.
Qantas is taking additional security measures to strengthen system monitoring and detection while investigating the breach. The airline has notified relevant authorities, including the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. A dedicated customer support line and webpage have been established for customers to receive updates and support.
Customers can contact the dedicated support line for specialist identity protection advice and resources. For passengers with upcoming travel, there is no need to take action; flight details can be checked via the Qantas App or website.
Source: https://www.qantasnewsroom.com.au/media-releases/qantas-cyber-incident