Qantas has revealed it has been contacted by a hacker claiming to be behind the theft of details of millions of the airline’s customers with federal police keeping a close eye.
The hack potentially compromised the names, dates of birth, email addresses and frequent flyer numbers of six million customers, although their financial information remained secure.
“A potential cyber criminal has made contact and we are currently working to validate this,” a Qantas spokesperson said.
“There is no evidence that any personal data stolen from Qantas has been released but, with the support of specialist cyber security experts, we continue to actively monitor.”
Qantas has not disclosed whom it suspects might be responsible for the breach, and no hacker groups have come forward to claim the attack.
The airline said earlier in July a third-party system used by an offshore call centre had been attacked two days earlier.
It said it has added security measures for its frequent flyer accounts, including requiring extra identification for any changes.
The Australian Federal Police said it was investigating the latest developments.
“The airline has been actively cooperating with the authorities and the AFP in the investigation of this matter,” a spokesperson stated on Monday.
Qantas CEO Vanessa Hudson has expressed her apologies to customers regarding the data breach. Source: AAP / Rob Blakers
Since the attack was revealed, Qantas has received more than 5,000 customer inquiries.
“I want to apologise again for the uncertainty this has caused,” chief executive Vanessa Hudson said.
“We know that data breaches can feel deeply personal and understand the genuine concern this creates for our customers.
“Right now we’re focused on providing the answers and transparency they deserve.”
Legal experts suggest the incident could lead to a class action against Qantas after compensation claims were made against Optus and Medibank following major data breaches in 2022.
