Qantas Resolves App Glitch Exposing Flyers' Personal Data

Qantas Airways has confirmed that a technical issue with its mobile app briefly allowed some customers to view the personal details of other frequent flyers on Wednesday. The glitch exposed sensitive information such as names, booking details, and in some cases, the points balance and status of other travelers. The airline emphasized that the incident was not the result of a malicious cyber attack, but rather a technology issue that has since been resolved.

Why this matters: This incident highlights the importance of robust security measures in protecting customer data, particularly in the context of frequent flyer programs that store sensitive information. It also raises concerns about the potential consequences of data breaches in the travel industry, where compromised information can be used for malicious purposes.

In an email sent to affected customers on Friday, Qantas apologized for the inconvenience caused by the app misconfiguration. The airline stated, "We have now identified the root cause and can confirm that this was a technology issue, and there is no evidence of a cyber incident." While the exact duration and extent of the breach remain unclear, Qantas assured users that the app is now stable and operating normally.

The incident occurred just weeks after Qantas launched its "Classic Plus Flight Rewards" scheme on April 8, an expansion to its frequent flyer program. The airline also updated its app for Android and Apple devices on April 7 and 10, respectively, introducing a new look and feel for easier navigation and membership management. However, the recent glitch has raised concerns about the airline's handling of customer data and the robustness of itsapp security measures.

Mark Gregory, an expert from RMIT University, considers the Qantas app breach to be a major data breach. He stated, "It demonstrates that Qantas has failed to ensure that the upgrades or the updates to the systems and hardware were carried out in a way that would not permit the data breach to occur." The Office of the Australian Information Commissioner (OAIC) has been notified of the issue and has urged Qantas to investigate the matter thoroughly.

Qantas has taken steps to prevent similar incidents in the future, with a spokesperson confirming, "We have done everything we can to fully understand what went wrong so we can prevent it happening again." The airline will directly contact customers whose sensitive travel information was incorrectly displayed to another person. For now, Qantas frequent flyers can continue using the app without taking any additional action.

Key Takeaways

• Qantas app glitch exposed personal details of frequent flyers, including names and booking info.
• The issue was caused by a technical problem, not a cyber attack, and has since been resolved.
• Affected customers will be directly contacted by Qantas, which has notified the OAIC.
• The incident raises concerns about data security in the travel industry.
• Qantas has taken steps to prevent similar incidents and assures users the app is now stable.