Over 1m Qantas customers have personal data leaked after cyber-attack

Qantas has confirmed that over a million customers have had their personal data leaked in a cyber-attack last week.

After removing duplicate records, the airline’s investigation has found that there were 5.7 million unique customers’ data held in the system. Specific data fields compromised vary from customer to customer.

The Australian airline said that cyber criminals gained access to around four million customer records, which contained some combination of name, email address and Qantas frequent flyer details.

Of these, approximately 1.2 million customer records contained names and email address while 2.8 million customer records contained name, email address and frequent flyer number.

The remaining 1.7 million customer records contained a combination of the data fields along with one or more data points such as address, gender, date of birth or phone number.

Qantas said around 1.1 million customers had their date of birth details compromised, while 900,000 had their phone number breached.

The airline added that there is no evidence that any personal data stolen from Qantas has been released but said that with the support of specialist cyber security experts it is continuing to actively monitor the situation.

Qantas reconfirmed no credit card details, personal financial information or passport details were stored in this system and therefore have not been accessed.

The airline said it is in contact with affected customers to inform them as well as offer advice and support.

The company has also increased resourcing in contact centres to support customers and said it received more than 5000 enquiries through the dedicated customer support line established following the cyber incident.

Qantas group chief executive Vanessa Hudson said that since the incident, Qantas has put in place a number of additional cybersecurity measures to further protect customers data, and the airline remains in “constant contact” with the National Cyber Security Coordinator, Australian Cyber Security Centre and the Australian Federal Police.

“Our absolute focus since the incident has been to understand what data has been compromised for each of the 5.7 million impacted customers and to share this with them as soon as possible,” she added. “From today we are reaching out to customers to notify them of the specific personal data fields that were held in the compromised system and offer advice on how they can access the necessary support services.”



Share Story:

Recent Stories


Bringing Teams to the table – Adding value by integrating Microsoft Teams with business applications
A decade ago, the idea of digital collaboration started and ended with sending documents over email. Some organisations would have portals for sharing content or simplistic IM apps, but the ways that we communicated online were still largely primitive.

Automating CX: How are businesses using AI to meet customer expectations?
Virtual agents are set to supplant the traditional chatbot and their use cases are evolving at pace, with many organisations deploying new AI technologies to meet rising customer demand for self-service and real-time interactions.