Qantas apologizes after app suffered major data breach

Qantas has “sincerely apologized” to its customers after a security breach occurred on Wednesday morning that saw scores of passengers’ details and boarding passes widely shared, with many travelers claiming they could make changes to, or even cancel, complete strangers’ bookings.

The fault was first noticed at 9am this morning and by midday Qantas confirmed it had been resolved. “The current investigation indicates this was due to a technological issue and may have been related to recent system changes,” a spokesperson told Yahoo News Australia.

“At this stage there is no indication of a cybersecurity incident. The issue affected the Qantas app, and some frequent flyers were able to see other customers’ travel information, including name, upcoming flight details, points balance and status.

“No further personal or financial information was shared and customers would not be able to transfer or use other frequent flyers’ Qantas Points.”

The airline added that it was “not aware of any customers” traveling with “incorrect boarding passes.”

Earlier, several people posted on social media saying that they could see the private data of other passengers.

“When I opened the Qantas app this morning I had access to three different people’s profiles,” wrote a concerned man in a frequent flyer group this morning. – I don’t know any of them.

Another man said the Qantas app logs him into a different account every time he opens it.

“My app logs me in with a different person every time. I can access booking details, QFF numbers, status and boarding passes of people I don’t know. Logging out and back in doesn’t do anything,” he said, while another claimed he had the ability to “cancel someone’s flight to Europe.”

As the glitch became public, several fake Qantas accounts posing as the airline’s customer service staff circulated on social media. “Many phishing accounts are trying to implicate themselves in the Qantas data breach,” one woman warned online.

Screenshots show fake Qantas profiles on X, formerly Twitter, asking affected customers to provide personal details so they can “look into the matter”.

“Please be aware of scams on social media,” a Qantas spokesman urged.

Do you have a story tip? E-mail: [email protected].

You can also follow us Facebook, Instagram, ICT Tok, Twitter AND Youtube.