- Some customers using the Qantas app on Wednesday were shown the name, flight details and loyalty status of other passengers.
- No financial information was disclosed and passengers were not able to transfer or use any airline points displayed.
- The Australian national carrier apologized and said it believed it was a technical issue related to a recent system upgrade, not a cyber attack.
WATCH ANYTIME FOR FREE
Stream NBC10 Boston news for free, 24/7, wherever you are. |
Qantas on Wednesday apologized after some customers using the Australian airline's app were shown the name, flight details and loyalty status of other passengers.
The national carrier said there was no indication this was a cyber security incident, and that its current investigation suggests that the data breach was caused by a technology issue related to recent system changes.
Get updates on what's happening in Boston to your inbox. Sign up for our News Headlines newsletter.
Qantas shares dipped 1.2% during Wednesday trade.
During two periods on Wednesday morning, some users of the Qantas app were shown the details of other members of the airline's frequent flyer program, including their name, upcoming flight details, loyalty points balance and status. The breach did not give visibility over the financial information of other passengers.
Customers were not able to transfer or use other people's airline points, and there were no reports of customers boarding flights using incorrect details, Qantas said.
Money Report
During the incident, Qantas advised customers to log out and then back in to their frequent flyer app account.
"We sincerely apologise to all customers impacted and continue to monitor the Qantas app closely," the airline said in a statement.
The Qantas incident comes after other airlines experienced data breaches involving malicious actors in recent years. Spain's Air Europa last year told customers that a cyberattack on its online payment system had exposed some credit card details, according to Reuters, while British Airways was fined £20 million, or $24.9 million, in 2020 for a major data breach that exposed the personal and credit card data of hundreds of thousands of passengers.