Qantas apologises after app compromised in serious data breach

The airline has 'sincerely apologised' after many customers' flight details were accessed by complete strangers.

A Qantas plane in the air.
Qantas is investigating a reported app glitch that has seen travellers' private details leaked. Source: Getty

Qantas has "sincerely apologised" to customers after a security breach on Wednesday morning saw multiple passengers' details and boarding passes widely distributed, with many travellers claiming they could make changes and even cancel bookings of complete strangers.

The glitch was first noticed at 9am this morning with Qantas confirming by midday it had been resolved. "Current investigations indicate that it was caused by a technology issue and may have been related to recent system changes," a spokesperson told Yahoo News Australia.

"At this stage, there is no indication of a cyber security incident. The issue was isolated to the Qantas app with some frequent flyers able to see the travel information of other customers, including name, upcoming flight details, points balance and status.

"No further personal or financial information was shared and customers would not have been able to transfer or use the Qantas Points of other frequent flyers."

The airline added that it was "not aware of any customers" travelling with "incorrect boarding passes".

Earlier on social media, several people posted about being able to see other passengers' private details.

"I have access to three different people's profiles when I opened it [the Qantas app] this morning," a concerned man wrote in a frequent flyer group this morning. "I don't know any of them."

Another man said his Qantas app logs him into a different account each time he opens it.

"My app logs me in to a different person each time. I have access to the booking details, QFF numbers, status, and boarding passes of people I don’t know. Logging out and back in does nothing," he said, while another claimed they had the ability to “cancel someone’s flight to Europe”.

There were several fake Qantas accounts claiming to be the airline's customer service staff circulating on social media as the glitch unfolded. "Lots of phishing accounts trying to wriggle in on the Qantas data breach," one woman warned others online.

Screen grabs show fake Qantas profiles on X, formerly Twitter, asking affected customers for personal details so that they can "look into the matter".

"Please be aware of social media scams at this time," a Qantas spokesperson urged the public.

Do you have a story tip? Email: newsroomau@yahoonews.com.

You can also follow us on Facebook, Instagram, TikTok, Twitter and YouTube.