QANTAS Cyber Incident

[Aeryn]

The problem is if your account is compromised and someone else cancels your rewards flight to get the points, Qantas refunding points doesn't solve the whole problem if the classic award booking cant also be reinstated. If it was on non Qantas metal nothing they can do.

 

[equus]

If it was on non Qantas metal nothing they can do

Depends on how the account got compromised. If a password / second factor reset was done by a QF call centre making use of compromised data, Qantas would pretty much be obliged to reinstate the booking on non-Qantas metal - even if they had to pay the commercial fare. You might have to push a bit, but they would undoubtedly fold if you went legal on them, as negligence would be pretty easy to prove.

 

[MEL_Traveller]

The problem is if your account is compromised and someone else cancels your rewards flight to get the points, Qantas refunding points doesn't solve the whole problem if the classic award booking cant also be reinstated. If it was on non Qantas metal nothing they can do.

Or, further to equus’s point, you could be reaccommodated on QF metal to the closest point and then a paid ticket onward from there (paid by QF).

Now you have just ruined my cunning plan

I guess I was assuming any hacker would be in and out as quickly as possible without looking at current award bookings they may be able to cancel to get a few more points to transfer out.

Unless QF could show the points were transferred to a bone fide family member, you’d get them back pretty quickly. And an account opened just prior to the points transfer using data from the breach would be heavily in your favour.

 

[VPS]

Think most have assumed it was two separate entries in the database, maybe one personal FF, one business rewards for example.

I have separate emails for Qantas and Qantas business rewards and have not had any emails to the Qantas business rewards email address yet

 

[GrahamBRI]

I have separate emails for Qantas and Qantas business rewards and have not had any emails to the Qantas business rewards email address yet

I think, there has been some misunderstanding in this thread around QBR.
I believe the second email update was talking about the "Business (optional)" field in your personal account. You have in your personal accounts the ability to put both a personal number and business number and it is this second "optional" field for business number that was also compromised (and missed in the first email). So once again, knowing the fields that have been compromised, are of much less importance than what was in those fields.

 

[RooFlyer]

Yes I’m assuming QBR for the less detailed one. My QFF and QBR accounts share an email account (or did until a point) for mine

I have the same email for QFF and QBR and yet the second email came to a different email address. One that I don’t use anymore.

 

[Seat0B]

As someone who was initially advised 9 out of 11, and then subsequently 3 out of 11, I'm going to be assuming the worst case scenario.

Yep me too

 

[TheInsider]

I have to say I am a bit surprised that the media interest in this story has died our so quickly, especially with people receiving multiple emails about what has been breached. Where is Joe Aston when you need him?

The 'news' has reported what happened when it happened. Why do they need to rehash the same thing every day?

 

[I love to travel]

The 'news' has reported what happened when it happened. Why do they need to rehash the same thing every day?

Firstly I think you work for Qantas and none of my criticism is directed towards frontline workers.
My comment re lack of media attention simply reflects that 23% of the Australian population had their data hacked
from a single event and that the media don't seem to think that it is a major issue.

 

[RooFlyer]

The 'news' has reported what happened when it happened. Why do they need to rehash the same thing every day?

Not the same thing perhaps but developments. Like the unfolding of what was leaked and what wasn’t? What are Qantas doing with the hackers? What is Qantas doing about its customers?

Hey, that’s a thought - what is what is Qantas doing about its customers?

 

[LondonAussie]

My comment re lack of media attention simply reflects that 23% of the Australian population had their data hacked from a single event and that the media don't seem to think that it is a major issue.

The media chase clicks and ratings, so for whatever reason they must think there’s not much interest in sticking with the story.