Qantas Cyber Incident Exposes Data of 6 Million Customers
A cyber breach at a Qantas contact centre leaked details and frequent flyer numbers of 6 million members.
In a cyberattack against the airline, nearly half of all Qantas Frequent Flyer members have had their data compromised. Qantas published a statement earlier today, revealing that hackers gained access to customer details through third-party software used by a single contact centre.
"We detected unusual activity on a third party platform used by a Qantas airline contact centre. We then took immediate steps and contained the system. We can confirm all Qantas systems remain secure," the statement reads.
Although claiming your system is secure after just admitting to compromising around 6 million customer records, which now appear to be in criminal hands, is of little comfort. Here's what we know so far, and how to keep your data safe.
What data was leaked?
Based on Qantas’ statement, affected customers may now have the following personal information circulating online:
- Names
- Email addresses
- Phone numbers
- Dates of birth
- Frequent Flyer numbers
In short, everything a scammer needs to socially engineer access to your account. Members should be extra vigilant right now when it comes to calls, emails and text messages that appear to come from Qantas. Always verify that the contact is genuine.
What’s Qantas doing?
Qantas has notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. Because this is a criminal matter, the Australian Federal Police are also involved. While that does not recover the data, at least customers have been made aware of the breach and an investigation is under way.
How to protect yourself
Scammers will most likely use the leaked information to pose as Qantas employees. With so much detail already in hand, they may convince some people to transfer money or hand over credit-card details.
If you use Gmail, verifying the sender of an email is simple:
- Click the three dots beside the message.
- Select Show original.
- Look for DKIM and DMARC results. If you see dkim=pass and a matching DMARC pass for qantas.com, the message originated from Qantas’ authorised platform.
Even when those signatures pass, run the usual sense checks: hover over every link, read the tone and confirm any request through a trusted channel. For payments, password resets or personal-data requests, leave the email and log in directly through the Qantas app or website, or call the airline.
The number-one rule is never to give personal or payment details to anyone who contacts you first, no matter how urgent they make it sound. Instead, reach out to Qantas yourself via the phone numbers on qantas.com to confirm any message or email.
Conclusion
This breach puts millions of travellers at greater risk of phishing and identity fraud. While no passwords, financial data or passport details were exposed, the leaked personal information is still valuable to criminals. Staying sceptical of unsolicited contact, double-checking every email signature and keep your account credentials to yourself is still key here!
