Qantas has confirmed that a cyber security incident at one of its contact centres has impacted the data of millions of customers.
The airline stated that the incident occurred when a “cyber criminal” targeted a call centre and gained access to a third-party customer servicing platform where six million customers have service records stored.
In a statement the Australian carrier said it expects the proportion of stolen data to be “significant”, after an initial review confirmed that this includes customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers.
Despite this breach no credit card details, personal financial information and passport details were taken, as this data is not held within this third-party system.
“We sincerely apologise to our customers, and we recognise the uncertainty this will cause,” said Vanessa Hudson, Qantas CEO. “Our customers trust us with their personal information, and we take that responsibility seriously.”
The airline said it will continue to assist the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and the Australian Federal Police in their investigations.
The airline added that the system is currently contained, with no effect on its operations or the safety of the airline.