Qantas on Wednesday apologized after some customers using the Australian airline’s app were shown the name, flight details and loyalty status of other passengers.
The national carrier said there was no indication this was a cyber security incident, and that its current investigation suggests that the data breach was caused by a technology issue related to recent system changes.
Qantas shares dipped 1.2% during Wednesday trade.
During two periods on Wednesday morning, some users of the Qantas app were shown the details of other members of the airline’s frequent flyer program, including their name, upcoming flight details, loyalty points balance and status. The breach did not give visibility over the financial information of other passengers.
Customers were not able to transfer or use other people’s airline points, and there were no reports of customers boarding flights using incorrect details, Qantas said.
During the incident, Qantas advised customers to log out and then back in to their frequent flyer app account.
“We sincerely apologise to all customers impacted and continue to monitor the Qantas app closely,” the airline said in a statement.
The Qantas incident comes after other airlines experienced data breaches involving malicious actors in recent years. Spain’s Air Europa last year told customers that a cyberattack on its online payment system had exposed some credit card details, according to Reuters, while British Airways was fined £20 million, or $24.9 million, in 2020 for a major data breach that exposed the personal and credit card data of hundreds of thousands of passengers.
Source: CNBC