lovestotravel
Senior Member
- Joined
- Sep 18, 2008
- Posts
- 7,146
So IDCare has now got their auto-reply set up. As I said, they no longer answer the phone, and they direct you to fill out the form. Take a few mins to read the tripe they reply with. This is what Qantas thinks is "dealing with customer concerns".
Note also that it 'claims' to be an Aust/NZ company. When I called originally, and got through, it was the UK.
______________
Thank you for contacting IDCARE. I am sorry to hear you have been impacted by the recent Qantas data breach incident.
IDCARE is a not-for-profit charity that works to support members of the community who experience the exposure of personal information and any misuse events, whether they occur online or in the physical world. We have worked on Australia and New Zealand’s largest data breach events and supported tens of thousands of people across our community that have experienced the compromise or exposure of their information.
I know receiving a notification about a data breach event can be unsettling. We have learnt from assisting in over a thousand data breach events that identity theft or the misuse of individual's information is extremely low following a data breach. Generally, impacted individuals don’t experience anything else beyond the disappointment of being notified. We do however, acknowledge that when personal, account or credential information is accessed by anyone outside of the intended recipient it is not an ideal outcome.
Compromised Information
Qantas has advised IDCARE that one or more of the below items may have been compromised as part of this breach:
Full name,
Address
Phone number
Email address
Date of birth
Frequent Flyer Number
Frequent Flyer tier/points/status
Gender
Please defer to your notification for confirmation of what information has been compromised for your individual situation.
Note: Qantas have advised that no credit card details or passport information was compromised as a part of this incident. Frequent Flyer log in details/passwords were also not compromised.
You may wish to visit the Qantas Media Releases page for additional general information. You can also contact the Qantas dedicated support line, on 1800 971 541 or +61 2 8028 0534 if you have further questions or concerns about the incident or information involved. For any account related questions, please call 13 13 13.
How Does IDCARE Measure Risk?
IDCARE measures risk of future identity misuse based on the nature of the credentials compromised. Personal particulars such as name, address, date of birth, phone number and email address are credentials that alone are low risk of direct future misuse. In most cases what is of real value to identity thieves are passports, driver licences, credit card details and banking username and login details.
Retention of Personal Information and Privacy Concerns
Any matters in relation to privacy concerns or the retention of your personal information will need to be raised directly with Qantas, as a first step. If you have further questions or concerns about thereafter, you can seek advice from the Office of the Australian Information Commissioner (OAIC). Their number is: 1300 363 992, alternatively, you may wish to visit their website for more information.
Scam Engagement and Reducing the risk
Please be mindful of the potential for scam contact where compromised information may be referenced in an attempt to falsely verify the engagement. The risk of future misuse via phishing emails and telephone/SMS scams may increase when any personal information has been compromised. This includes, but is not limited to, incoming contact impersonating the breached organisation. Some individuals involved in a data breach report observing an increase in phishing contact. Please be mindful that this may not be a direct correlation to the breach event itself. It is possible that contact information, such as an email address and/or phone number may have been compromised at some stage in another online breach. You may wish to check whether your contact details have been compromised in any other online breaches. If you detect this, we recommend updating any compromised passwords, ensuring these are unique across all important online accounts and consider setting up Multi-Factor Authentication (MFA). For more information about this you can watch our Multi-Factor Authentication Guide video on the IDCARE website.
Be cautious of clicking on links in emails or text messages. Do not be pressured to respond, whether it is by email, text message or telephone. Instead, contact the organisation directly using contact details you know to be correct.
Protect your accounts with multifactor authentication, including financial, government, email, and social media accounts.
Use unique and strong passwords.
It is always a good idea to regularly review your account details and security settings. Check that your contact details are correct, and changes have not been made to any linked bank accounts or other services.
If you suspect any communication from IDCARE is not legitimate please confirm with IDCARE using alternative contact channels (see www.idcare.org). Our charity and community services DOES NOT accept payment from individuals for Case Management services.
If you ever need to contact us again, your Client Reference Number with IDCARE is xx_xx_. Please quote this in the subject line if you email at [email protected], or when submitting a Get Help Form.
Thanks again for reaching out to us.
Regards
xx_X
Identity & Cyber Security Case Manager
National Case Management Centre, IDCARE
Australia New Zealand
PO Box 412 PO Box 54
Caloundra, QLD, 4551 Napier, New Zealand, 4110
Individuals: 1800 595 160
Organisations: 1800 595 170 Individuals: 0800 121 068
Organisations: 0800 121 070
www.idcare.org
Disclaimer:
IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. IDCARE is a not-for-profit and registered Australian charity.
The Services provided do not constitute legal advice. IDCARE recommends that you consult your own independent legal counsel in relation to your rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
To the extent the Services are based on information and documents that you have provided, IDCARE has not verified the accuracy of the information and documents and accepts no responsibility for the accuracy of the information and documents.
While every effort has been made to ensure the accuracy of the information in this email, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of these Services which might otherwise be binding upon IDCARE are excluded.
IDCARE’s liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limited liability for any negligent act or omission, or statement, representation or misrepresentation of any offences, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed as a result of any recommendations made in the course of providing the Services.
The Services provided by IDCARE are intended to be provided solely to the initial recipient of this document and IDCARE will not be liable to any other person who may receive this document.
Yep total waste of time

As I've said many times Qantas should be offering the most impacted customers 12 months free credit monitoring.
But according to a few on here, its OK as your data is already out there....