Qantas has revealed that data including customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers was stolen in a cyber incident.
Australia’s biggest airline said it was continuing to investigate the incident which occurred on a third party platform containing six million customer service records used by one of its contact centres.
Group Chief Executive Officer Vanessa Hudson said Qantas was contacting customers and working closely with the National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts.
“We sincerely apologise to our customers and we recognise the uncertainty this will cause. Our customers trust us with their personal information and we take that responsibility seriously,” Hudson said in an ASX announcement.
Qantas said the incident had no impact on its operations or safety and no credit card details, personal financial information or passport details were held in the system.
The incident occurred when a cyber-criminal targeted a call centre and gained access to a third party customer servicing platform.
When it detected unusual activity on the platform on Monday the airline took immediate steps and contained the system.
The incident comes as Qantas tries to rebuild a reputation shattered in recent years by issues like flight delays and cancellations, lost luggage, poor communication, mass layoffs during the COVID-19 pandemic, and excessive executive bonuses.
Qantas shares (ASX: QAN), which have rallied more than 80% over the last 12 months, closed one cent lower at A$10.76 on Tuesday, capitalising the airline at $16.28 billion (US$10.58 billion).