The Qantas app exposed sensitive traveller information to other, unrelated users. According to reports, Qantas Airways says that a misconfiguration in its app inadvertently leaked sensitive information and boarding cards to various app users.
This incident could become a major concern, as Qantas is Australia's flag carrier and has the largest fleet size, with 125 aircraft serving 104 locations. Moreover, Qantas employs over 23,500 people and generates over $12.9 billion in revenue annually.
The Qantas app misconfiguration is one of the first cybersecurity incidents that occurred this month.
Several Qantas app users complained on social media that they had access to other users’ travel details, such as personally identifying information (PII), boarding passes for upcoming flights and other account information.
The affected entity has responded promptly to the reports, confirming an unintended exposure of sensitive information, potentially due to their latest system upgrades. Hence, the airline company advised passengers to log out of their ‘Frequent Flyer’ account on the Qantas app while they addressed the situation.
The airline's statement assured users that the issue was not caused by a cyberattack but by internal configuration modifications that exposed information exclusively on the app.
Qantas elaborated that the issue was an isolated incident within Qantas that allowed some Frequent Flyer users to see the travel information of other customers, such as names and flight details. The statement added that the exposed data did not include further personal or financial information, and that customers who accessed the exposed data cannot transfer Qantas Points, the airline's frequent flyer rewards.
Furthermore, the airline claimed they had not recorded any incorrect boarding cards during the incident and that no passenger had missed their flights. Still, the company has implemented procedures to prevent such confusion, which might cause delays or safety issues at the airport.
Qantas has yet to provide additional details about the incident. Qantas app users should be cautious with their accounts and monitor their account activity, since there is a possibility that another user could use their details to commit fraud.