Qantas cyber attack: Airline says scammers active but systems secure

Qantas has apologised for the data breach and says it is working to strengthen protection for customers. Photo / Getty Images

Qantas says it will soon be able to alert customers to specific data stolen in this week’s cyber attack.

“We are aware of reports of scammers impersonating Qantas,” the airline said this morning.

“We recommend customers remain alert for unusual communications claiming to be from Qantas or requesting personal information or passwords.”

The airline and its chief executive Vanessa Hudson have apologised to customers for the breach, which was detected after unusual activity at a contact centre on Monday.

An initial review found compromised data included some customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers.

“Next week we will be in a position to update affected customers on the types of their personal data that was contained in the system,” Qantas said today.

“This will confirm specific data fields for each individual which will vary from customer to customer.”

About six million customers had service records on the affected platform.

The airline said it had increased resourcing in contact centres to handle customer queries.

Qantas said it had received more than 5000 inquiries through a special customer support line established after the cyber attack.

“Since Wednesday morning, the airline has communicated directly with its frequent flyers to notify them of the incident and to apologise that this has occurred.”

The airline said frequent flyers who had not received that email should check their spam or junk folders.

“There was separate communication with around six million customers who had personal information within the impacted platform.”

A cyber security expert told the Herald the attack had hallmarks of the Scattered Spider hacker group.

Patrick Sharp, Aura Information Security general manager, said the stolen data would likely be used for scams and telemarketing.

Consumer NZ said the hack raised issues about data retention and New Zealand’s privacy complaint systems and the penalty regime for data leaks.

“Qantas has not been contacted by anyone claiming to have the data and we’re continuing to work with the Government authorities to investigate the incident,” the airline said today.

“Additional security measures have been put in place to further restrict access and strengthen system monitoring and detection.”

The airline said that included more security measures for frequent flyer accounts to deter unauthorised access, including requiring additional identification for account changes.

John Weekes is a business journalist covering aviation and court. He has previously covered consumer affairs, crime, politics and court.