QANTAS Cyber Incident

Would it need monetary losses?

Usually when making a claim against a person or an entity, you need to demonstrate monetary losses.
Possibly.

Be willing to try a test case given the dangers of allowing such sensitive information be so easily disclosed to an unauthorised party.
 
Well, I knew being a late stage recipient of the dreaded 3rd email would mean i was in for the full sting, and I’ve just received it.

Those handful at the end seem a bit unnecessary for QFF to have stored though?! 😜

Our analysis has found that the following types of your data held on the compromised system was accessed:
  • Address
  • Name
  • Email address
  • Qantas Frequent Flyer number
  • Tier
  • Points balance
  • Status Credits
  • Date of birth
  • Phone number
  • Gender
  • Names of your high school crush(es)
  • Compromising images of you at your buck’s night from two decades ago
  • Actual standard drinks per week; not just the number you tell your physician
  • Preferred character on ‘Street Fighter II’
  • Favourite colour which is also a flavour

Humour helps. A bit.

Cheers,
Matt.

p.s. I always preferred Guile, even though I had mastered all of Ryu’s special moves.
 
In my opinion, this is just not good enough.

There need to be serious penalties for companies failing to protect private data, as have been introduced in the UK a number of years ago.

I don't really care about the Qantas data leaked, if someone is able to access Qantas accounts, spend/steal points etc there would be uproar if Qantas did NOT provide restitution (return to the previous balance).

What I DO care about is my name, date of birth, phone number, residential address, etc etc etc being leaked.
I can't just change them.
I will be at increased risk - permanently - from their mistake.

Leaking credit card data would be better and yet they keep "reassuring" me that no credit card data was leaked. Despite the fact that I can get a new credit card in about 3 days.

They keep talking about how their systems are secure now. I couldn't care less what they are like now - have they ever heard about closing the stable door after the horse has bolted?

It all just smacks of minimisation, lip service, and "too bad so sad" followed by them moving on.
Compensation doesn't change the fact that they have seriously let their customers down - but nor has it been offered - it just seems like they are hoping it will go away and no-one will kick up a fuss.

Disgusted
 
..

Having said that, Qantas could help ensure we could easily detect phishing attempts by giving us each 20,000 Qantas points and 200 SCs so that the amounts would clearly differ from the hacked amounts... ;)

Well didn’t we get 30,000 points just for “not match-fit-gate” Surely we are owed more for this!
 
Finally got my email. Only 7 of 11. The Qantas ones have subsequently changed and the non-Qantas ones have already leaked out so that means in the grand scheme of things, it's not too bad for me.

My data points:
  • Name (leaked)
  • Email address (leaked)
  • Qantas Frequent Flyer number
  • Tier (changed)
  • Points balance (changed)
  • Status Credits (changed)
  • Phone number (leaked)
And I've just received a fourth email (this time from Qantas Airways rather than Qantas Frequent Flyer)!

The three data points are name, email and phone.

So what has, or hasn't been hacked? :confused:
 
Green Tier?
Points Club?…
How about giving us something the hackers don’t already know? Surely a Tier bump…. pretty please?

Sad Puss In Boots GIF
 
Got the same email:


Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Qantas Frequent Flyer number
Tier
Points balance
Status Credits
Date of birth
Phone number
Gender

Great Qf! :(
Just got another email:

Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Phone number

So which email do I believe Qf? This is becoming a joke Qf....and the laugh is on us!
 
Just got another email:

Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Phone number

So which email do I believe Qf? This is becoming a joke Qf....and the laugh is on us!
Is it also from Qantas Frequent Flyer and addressed "Dear kpc" or from Qantas Airways Ltd addressed "Dear Qantas Customer" instead?
 
Just got another email:

Our analysis has found that the following types of your data held on the compromised system was accessed:
Address
Name
Email address
Phone number

So which email do I believe Qf? This is becoming a joke Qf....and the laugh is on us!
Same email address or different?

Are there multiple QF FF accounts with your email address(s)?

Do you have QBR? I received 2x detailed emails because one is my primary QFF acc (one email address) and the other for QBR (different email address). The former came with a banner with QF WP status etc
 
Read our AFF credit card guides and start earning more points now.

AFF Supporters can remove this and all advertisements

Be willing to try a test case

Claiming what exactly?

You'd need at least a monetary loss claim, that you can substantiate.

For other breaches of laws and regulations, it's the authority involved that will decide to take any legal action. That is usually to seek a corporate penalty.
 

Become an AFF member!

Join Australian Frequent Flyer (AFF) for free and unlock insider tips, exclusive deals, and global meetups with 65,000+ frequent flyers.

AFF members can also access our Frequent Flyer Training courses, and upgrade to Fast-track your way to expert traveller status and unlock even more exclusive discounts!

AFF forum abbreviations

Wondering about Y, J or any of the other abbreviations used on our forum?

Check out our guide to common AFF acronyms & abbreviations.
Back
Top