Major Qantas Cyber Attack: What You Need to Know

A cyber criminal has stolen the personal information of up to six million Qantas customers kept on a third-party platform used by Qantas’ contact centre in Manila.

Qantas says that its systems are now contained and remain secure. The airline has notified the Australian Cyber Security Centre and the Australian Federal Police, and set up a dedicated customer support line for impacted customers.

The incident occurred last weekend when a cyber criminal was able to gain access to the affected system during a phone call with a Qantas contact centre agent. Qantas detected unusual activity in this system on Monday, 30 June and took immediate action.

Here’s what you need to know…

Which customers are affected by the Qantas cyber attack?

The cyber criminal was able to access customer service records stored by the Qantas contact centre in Manila. If you have ever interacted with the Manila contact centre, there’s a good chance that your data will have been stored in that system. If not, there’s a reasonable chance that you won’t be affected.

Qantas has contact centres in multiple locations including Australia, New Zealand, South Africa, Fiji and the Philippines. When you call Qantas with a booking-related enquiry, you may be directed to any one of these call centres.

However, we understand that Qantas’ Manila contact centre is the primary location handling Qantas Business Rewards support. It’s also the main location of the Qantas Frequent Flyer Service Centre, which handles calls and emails relating to the Qantas Frequent Flyer program and Qantas Club.

If you’ve only interacted with Qantas through social media, you’ve most likely been in touch with staff at the Auckland contact centre. This and other Qantas contact centres, other than Manila, were not affected by this cyber attack.

Over the coming days, Qantas will send out two emails to customers:

1. The first email will go to all Qantas customers to make them aware that a cyber incident has occurred
2. The second email will be sent to customers who are directly impacted by this cyber attack.

Qantas did not immediately have an answer to our question about how long customers might need to wait to find out directly whether or not they are impacted.

“We sincerely apologise to our customers and we recognise the uncertainty this will cause. Our customers trust us with their personal information and we take that responsibility seriously,” Qantas Group CEO Vanessa Hudson said.

What information may have been stolen

Qantas is currently continuing to investigate the proportion of the data stolen, but expects “it will be significant”.

So far, Qantas says that an initial review shows that the stolen data contains the following data of some customers:

• Names
• Email addresses
• Phone numbers
• Birth dates
• Frequent flyer numbers

What information was not stolen

Qantas says that no credit card details, personal financial information or passport details were held in the system accessed in the cyber attack. The airline also says no frequent flyer accounts were compromised.

To log into a Qantas Frequent Flyer account, you would need a person’s account number, surname and PIN. Thankfully, frequent flyer account PINs have not been compromised. Qantas also has a two-factor authentication system in place when accessing certain frequent flyer account functionality.

What next?

Qantas has released further information about the cyber incident on its website. There, you’ll also find phone numbers that you can call to get further information and advice.

Qantas says that there is no impact to its flights, and customers can still check in and travel as normal.

However, if you are impacted by this, you should carefully scrutinise any communications you receive in the coming months which claim to be from Qantas. With access to information such as your name, email address, phone number and frequent flyer number, scammers may be able to send fraudulent emails or text messages to you that look quite convincing.

Last month, Hawaiian Airlines and WestJet were also hit by separate cyber attacks.

Matt Graham

The editor of Australian Frequent Flyer, Matt's passion for travel has taken him to more than 100 countries… with the help of frequent flyer points, of course!
Matt's favourite destinations (so far) are Germany, Brazil, Kazakhstan and Uzbekistan. His interests include aviation, economics & foreign languages, and he has a soft spot for good food and red wine.

You can connect with Matt by posting on the Australian Frequent Flyer community forum and tagging @AFF Editor.