A recent incident has impacted a vast number of airline customers, revealing sensitive information due to a technical flaw. This event centres around an issue with a widely used system provider that allows individuals to access their personal details and loyalty program information.
It has been confirmed that the personal data of approximately six million customers has been exposed. The breach originated not directly from the airline’s main systems but from a third-party platform used by their loyalty program. The problem occurred when the platform went offline for maintenance, and upon its return, members logging in were inadvertently shown the account details of other members, not just their own.
The sensitive information potentially exposed included names, addresses, phone numbers, email addresses, account balances, and status within the loyalty program. Crucially, the airline has stated that no financial details, such as credit card information or payment details, were compromised. Passwords were also reported as secure and not exposed in this incident.
Upon discovering the issue, the platform was immediately taken offline to prevent further unauthorised access. The airline has expressed regret and assured customers that the vulnerability was specific to this particular platform interaction and has been addressed. They are communicating directly with impacted members and have advised customers to be vigilant regarding any suspicious contact. This incident underscores the importance of data security, especially when interacting with external service providers handling large volumes of sensitive customer information.
Source: https://go.theregister.com/feed/www.theregister.com/2025/07/02/qantas_data_theft/
