Qantas, the flagship Australian airline, is investigating a privacy breach after its customers were able to see other individuals’ boarding passes, flight details, and frequent flyer information.
Josh Withers, a Qantas customer, said he was able to see another passenger’s name and flight details when he opened the Qantas app. Each time he re-opened the flight portal, the app would pull up a different customer’s flight information. Other passengers reportedly had the ability to cancel passengers’ flights to Europe via the app.
The airline reports that there was “no indication of a cyber security incident,” though it also said its investigation is pointing to a technology issue that could potentially have caused system changes leading to this privacy breach.
Qantas was able to resolve the issue roughly three hours after it was discovered but is urging the customers that were affected to remain vigilant of social engineering scams using the exposed information.
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltbf1be7bf856af492/64f16ff551fd692c95d7de4c/qantas_airplane-Stonemeadow_Photography-Alamy.jpg?disable=upscale&width=1200&height=630&fit=crop
