QANTAS Cyber Incident

Still waiting on one more third email (not in spam)…….
Thinking why this might be delayed, I had a look at the third email for other family members, I note in these emails that Qantas says:

“Our customer records are based on unique email addresses, so if you have multiple email addresses registered”

Well, if this is true, this is an issue, if it is as written (records are based on unique email addresses) - I have one email address used on 2 different family member accounts. Records should be based on unique frequent flyer numbers, not email addresses?

Interesting to hear from those still waiting if they have a similar setup - one email address, multiple accounts?
 
Still waiting on one more third email (not in spam)…….
Thinking why this might be delayed, I had a look at the third email for other family members, I note in these emails that Qantas says:

“Our customer records are based on unique email addresses, so if you have multiple email addresses registered”

Well, if this is true, this is an issue, if it is as written (records are based on unique email addresses) - I have one email address used on 2 different family member accounts. Records should be based on unique frequent flyer numbers, not email addresses?

Interesting to hear from those still waiting if they have a similar setup - one email address, multiple accounts?
That’s me. No email
 
Thanks. The article made the point that I and some others have been making. It's not the threat to our Qantas accounts necessarily, but the incremental (and perhaps updating) compilation of data that's 'out there' to be a greater menace to our other on-line log-ins.

Precisely. This seems to be the aspect that many have missed. The dataset can be used to perform enrichment against other data. Fairly easy with a readily available tool like Alteryx or similar.

From 6 million records, even if just 1% of these can be enriched against other datasets to the level that it is usable to attack those customers, there is a big problem.
 
2nd email received this arvo

Our cyber security teams have undertaken an investigation and we can confirm that the following types of your data held on the compromised system was accessed:

Name
Email address
Qantas Frequent Flyer number
Tier
Points balance
Status Credits
Date of birth
Phone number
Yep - got the email late yesterday with this same set. Wife and son only had Name, email, FF number as Silver (I'm LTG) - wonder if the status/length of membership is a factor. First time I've had that much personal data lost and I admit to feeling pretty pissed off with QF.
 
Still waiting on one more third email (not in spam)…….
Thinking why this might be delayed, I had a look at the third email for other family members, I note in these emails that Qantas says:

“Our customer records are based on unique email addresses, so if you have multiple email addresses registered”

Well, if this is true, this is an issue, if it is as written (records are based on unique email addresses) - I have one email address used on 2 different family member accounts. Records should be based on unique frequent flyer numbers, not email addresses?

Interesting to hear from those still waiting if they have a similar setup - one email address, multiple accounts?
It seems to be because it is a more general customer system, not specifically a frequent flyer system.
 
Still waiting on one more third email (not in spam)…….
Thinking why this might be delayed, I had a look at the third email for other family members, I note in these emails that Qantas says:

“Our customer records are based on unique email addresses, so if you have multiple email addresses registered”

Well, if this is true, this is an issue, if it is as written (records are based on unique email addresses) - I have one email address used on 2 different family member accounts. Records should be based on unique frequent flyer numbers, not email addresses?

Interesting to hear from those still waiting if they have a similar setup - one email address, multiple accounts?

It’s because if you send an email to the ff mail address it automatically raises a ticket and assigns to your profile if it’s a known email address.

This has been the case for 20+ years. If you send an email from an address you use for multiple accounts it doesn’t know which person to raise the ticket against, so it just picks one.
 
Am I the only one that also had the address leaked so far?

Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Qantas Frequent Flyer number
Tier
Points balance
Status Credits
Date of birth
Phone number
 
Am I the only one that also had the address leaked so far?

Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Qantas Frequent Flyer number
Tier
Points balance
Status Credits
Date of birth
Phone number
No, a couple have already reported they had their address(es) leaked.
 
Am I the only one that also had the address leaked so far?
Same level of information leaked as me, and email only received this morning as opposed to family member who received it 2 days ago.

If I were to guess, the greater information leak might be those people who had called up and reached the offshore center?
 
Am I the only one that also had the address leaked so far?

Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Qantas Frequent Flyer number
Tier
Points balance
Status Credits
Date of birth
Phone number
I'm in for the address party too...just got the email. Personally most unhappy about Address as often the combination of Date of Birth, Full Name and Address is used as validation when calling a range of services. 2 of these are not changeable and the 3rd one is very hard to change.

Correct that this is often paired with a MFA but nonetheless to have that much information revealed is very frustrating and leaves a single layer of protection for validation. I know some people on here have said that any service that doesn't use MFA is something you shouldn't use but that means we shouldn't have been using Qantas or Virgin for a very long time until they recently put in MFA.

Well done to the posters who correctly predicted that Qantas would send the emails in severity of information leaked. Very convenient for it to take them 48 hours to get to the worst impacted.

As to why so much of my information was leaked I can only assume it was the 20+ phone calls and 10+ emails I had to go through in an effort to get a COVID refund back. Qantas is always the gift that keeps on giving...
 
Am I the only one that also had the address leaked so far?

Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Qantas Frequent Flyer number
Tier
Points balance
Status Credits
Date of birth
Phone number
Nope. My Home address (I assume) linked to my QBR account made the cut. Fortunately not DoB.

But Optus leaked all that already…
 
Another one for Club Address.

Address
Name
Email address
Qantas Frequent Flyer number
Tier
Points balance
Status Credits
Date of birth
Phone number

Minimal contact - most recently a successful ORC claim last year, otherwise 1 or 2 calls per year (2020/2021/2022/2023 - not bothered since then) chasing points refund from COVID-era shenanigans. (Still unresolved)
 
Just got the email then - I'm surprised it didn't include my eye colour and favourite movie...

  • Address
  • Name
  • Email address
  • Qantas Frequent Flyer Number
  • Tier
  • Points balance
  • Status Credits
  • DOB
  • Phone Number
  • Gender
  • Meal Preference
I think you win bingo!

I’ve never had a meal preference so they wouldn’t have been able to leak that

Also I don’t know which address they hold for me- likely either an old one or possibly a PO box

 
Finally got the email in last few minutes:

Luckily no DOB for me BUT I would like to know which specific addresses have been leaked - was it a home address, address I had luggage delivered to when AA lost it (that was a friend's home) or my PO box or former employer's address for when they used to book flights for me?

For things that can change like Address, email address and phone number Qantas should tell us what the value leaked was; if it's already out of date we need be less worried.

And I'd like to know if it's full name or just first name, middle initial, last name (my first and last are very common, but my middle name is very rare). And I have made sure to amend my middle initial to full middle name on international bookings so there is no issue matching to passport in places where they are super fussy.
 
Everything but my meal preference!

Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Qantas Frequent Flyer number
Tier
Points balance
Status Credits
Date of birth
Phone number
Gender
 
I just received the confirmation email that my full suite of information was leaked. :(

Our analysis has found that the following types of your data held on the compromised system was accessed:
  • Address
  • Name
  • Email address
  • Qantas Frequent Flyer number
  • Tier
  • Points balance
  • Status Credits
  • Date of birth
  • Phone number
 
Address Club x2…

Just got the email relating to my primary FF account with the “Platinum” FF banner on the email (previous advice email for QBR account was generic)…

Address
Name (I assume full name including full middle name)
Email address
QFF#
Tier
Points Balance (another excuse to burn some before the deval)
SCs
DoB
Phone number

SYD+1 the same, but also scored “Gender”…

😡
 