Personal data of thousands of Qantas customers was exposed via the airline's app on Wednesday after a major outage. Many frequent flyers posted on social media that they saw the names, accounts, flight plans, points and boarding passes of other passengers, Guardian reported.
One user wrote on someone else's…'
Hi @Qantas I'm pretty sure whatever app problem this warning is about isn't completely resolved because every time I refresh I get someone else's name, points balance, and status… pic.twitter.com/gR3AG7NqbC
— El Yobo (@elyobo) May 1, 2024
A Qantas spokesperson said current investigations indicate the problem was caused by a technology issue and may be related to recent system changes.
''We apologize to customers affected by the Qantas app issue this morning, which has now been resolved. Current research shows that this was caused by a technology issue and may have been related to recent system changes. There are no indications of a cybersecurity incident at this time,” the carrier said in a statement.
''The issue was isolated to the Qantas app, with some frequent flyers able to see other customers' travel information, including name, upcoming flight details, points balance and status. No further personal or financial information was shared and customers would not be able to transfer or use the Qantas Points of other frequent flyers. “We are not aware of any customers traveling with incorrect boarding passes,” the statement said.
In an announcement late this afternoon, the airline said the Qantas app “is currently stable and functioning normally following an issue with the homepage today.”
The Qantas app is currently stable and working normally after an issue with the homepage today.
There were two periods today when some customers were shown the flight and booking details of other frequent flyers.
Our sincere apologies to all affected customers and… https://t.co/InzUb1UnkQ
— Qantas (@Qantas) May 1, 2024
Qantas advised customers to log out and log into their Qantas Frequent Flyer account in the Qantas app.
Major cyber attacks in recent years have raised concerns about the protection of Australians' personal data. In November 2022, Medibank, Australia's largest private health insurer, said hackers had accessed the data of 9.7 million current and former customers, including medical records, according to the AFP report.