Qantas is one of a number of companies globally that has had data released by cyber criminals following the airline’s cyber incident in early July, where customer data was stolen via a third party platform. With the help of specialist cyber security experts, we are investigating what data was part of the release.
Through the NSW Supreme Court, we have an ongoing injunction in place to prevent the stolen data being accessed, viewed, released, used, transmitted or published by anyone, including third parties. We have also put in place additional security measures, increased training across our teams and strengthened system monitoring and detection since the incident occurred.
In July, Qantas proactively advised all impacted customers of the types of their personal data that was contained in the impacted system and this has not changed.
We will continue to share updates on qantas.com and through our 24/7 support line on 1800 971 541 or +61 2 8028 0534 where customers have ongoing access to specialist identity protection services.
Qantas continues to work closely with Australian Government agencies, including the Australian Cyber Security Centre and the Australian Federal Police.
Further information:
- Of the 5.7 million Qantas customer records that were stolen in early July, majority was limited to name, email address and Frequent Flyer details.
- A smaller portion of the impacted customer data includes business or home address, date of birth, phone number, gender and meal preferences.
- No credit card details, personal financial information or passport details were impacted. There continues to be no impact to Qantas Frequent Flyer accounts. Passwords, PINs and login details were not accessed or compromised. The data that was stolen is not enough to gain access to these frequent flyer accounts.