Cyber criminals have gained access to “significant” data belonging to six million Qantas customers after hacking a call centre with records including customers’ names, email addresses, phone numbers and birth dates.
The airline on Wednesday confirmed the cyber incident on a third-party platform but assured customers the system had since been contained.
Qantas first caught wind of the attack when it detected unusual activity on a third party platform used by a Qantas airline contact centre on Monday.
“The incident occurred when a cyber criminal targeted a call centre and gained access to a third-party customer servicing platform,” the company said in a statement.
“There is no impact to Qantas’ operations or the safety of the airline.
“We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant. An initial review has confirmed the data includes some customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers.”
No credit card details, financial information or passport details were held in the system that had been compromised, Qantas said.
It also said no frequent flyer account details, including passwords, PIN numbers or log-in details had been accessed.
Qantas Group chief executive Vanessa Hudson said the company was working closely with the National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts.
“We sincerely apologise to our customers and we recognise the uncertainty this will cause. Our customers trust us with their personal information and we take that responsibility seriously,” she said.
“”We are contacting our customers today and our focus is on providing them with the necessary support.”
A dedicated customer support line had been established to provide customers with the latest information.