Tech

PRIVACY BREACH in Qantas App – user details exposed including Valid Boarding Passes

A major privacy breach this morning and potential security risk has exposed Qantas and it’s passengers after a glitch in the Qantas app showed the Frequent Flyer and Trip details of random users to people using the iOS version of the Qantas app.

When logging into the app, you are normally presented with your own profile name, your points balance, status credit balance and details of your next trip.

Users this morning were reporting seeing other people’s profiles on the main home page of the app.

Every time you re-open the app (trying to get your own profile), you would likely see another person’s details.

Within 15 minutes I had seen 8 different profiles.

Most concern for both users and Qantas, if a user had a flight in the next 24 hours, the options to show those flights and even an active boarding pass.

This is a major security concern for Qantas, because with just a name, a destination and a flight time, it’s possible to use the automated computer checkin terminals at almost any Australian Airport to get a boarding pass.

Additionally, any boarding passes already issued have been compromised because the QR codes for them may have been captured by other users who could then board the flight.

Qantas essentially need to implement stricter checkin and boarding passes for at least the next 24 hours to ensure the right people are on the right flights.

A Qantas spokesperson told EFTM “We’re urgently working to resolve the issue impacting the Qantas app this morning and we sincerely apologise to our customers who have been impacted.

We’re investigating whether this issue may have been caused by recent system changes.

We recommend that customers log out and log in to their Qantas Frequent Flyer account on the Qantas App. Please also be aware of social media scams at this time.

We’ll continue to provide more information as soon as we can.” (Further updates at the bottom of this article)

Customers should also be aware that scammers are posing on social media as Qantas customer service staff.

Anyone with questions should only speak directly to Qantas call centres, or Staff at Airports.

UPDATE THREE – 12.10PM, 1 MAY 2024

We sincerely apologise to customers impacted by the issue with the Qantas app this morning, which has now been resolved.

Current investigations indicate that it was caused by a technology issue and may have been related to recent system changes.

At this stage, there is no indication of a cyber security incident.

The issue was isolated to the Qantas app with some frequent flyers able to see the travel information of other customers, including name, upcoming flight details, points balance and status. No further personal or financial information was shared and customers would not have been able to transfer or use the Qantas Points of other frequent flyers. We’re not aware of any customers travelling with incorrect boarding passes.

Qantas

Recent Posts

  • Tech

Xiaomi 15T Pro review – an all-new brand for Australia leaning into our love of photography

I've seen and heard of the Xiaomi brand over many years, seen them at the…

12 hours ago
  • Tech

Google Pixel 10 Pro Fold Review: A Premium, durable foldable with Pixel AI built-in

The suite of new Pixel phones announced each year has grown now to four devices,…

15 hours ago
  • Tech

Nothing launches new budget friendly Phone 3a and it’s heading to Australia next month

Phone and electronics maker Nothing announced their latest handset overnight, with the latest phone -…

1 day ago
  • Tech

iGulu F1 home brewing kit review – can it make a good beer?

I don't drink beer, and while that draws a lot of judgement upon me at…

1 day ago
  • Tech

RØDE releases a new Wireless Microphone kit for cameras and smartphones – $250!

Aussie audio and tech brand RØDE has released an updated version of their Wireless Micro,…

2 days ago
  • Tech

Season 4 of PGA Tour 2K25 launches today — get onboard for mayhem that won’t get you arrested

Today, Season 4 of PGA Tour 2K25 launches on PlayStation, Xbox and PC and brings…

2 days ago