Qantas Airways Ltd said a technology upgrade caused the airline’s frequent flyer app to malfunction on May 1, allowing some members to access the travel details, personal data and boarding passes of complete strangers.
The issue has been resolved and there’s no indication it was the result of a cyberattack, the Australian airline said in a statement.
Social media posts pointed to a serious data breach inside Qantas’ points business, a loyalty programme with 16 million members that’s a financial pillar of the airline.
Some app users could view the credit status and travel plans of multiple passengers. At least one person logged in and had the ability to cancel someone else’s flight to Europe, according to local media.
Qantas announced a revamp of the loyalty division last month, making millions more seats available for frequent flyers to appease customers frustrated at the former redemption model. The airline didn’t say whether Wednesday’s glitch was related to the recent changes.
Qantas said in its statement it’s not aware of any passengers travelling with the wrong boarding passes, and customers would not have been able to transfer or use other people’s points. – Bloomberg