Qantas Employee Data Misuse: Over 800 Bookings Affected by Rogue Staff

Qantas recently experienced a security breach involving employees of India SATS, its ground handler in India. These employees exploited their access to alter customer bookings and divert frequent flyer points into their own accounts. The fraud, which occurred in July and August 2024, impacted over 800 bookings and potentially exposed sensitive data, including passport information. 

However, Qantas has emphasized that there is no evidence that the passport data has been misused.

This breach was not a result of a cyberattack but rather an instance of insider fraud. Employees of India SATS, using a partner airline’s system, changed frequent flyer details, funneling the earned points into an account they controlled. Following the breach, Qantas promptly suspended the contractors involved, restored customers’ points, and fixed the altered bookings.

Qantas reassured its customers that it has implemented new restrictions on accessing bookings to prevent a similar incident in the future. It also clarified that this was not a technical hack, but rather a case of “rogue employees” abusing their position. 

A spokesperson for Qantas further stated that they are unaware of any current bookings being affected by this incident and that an ongoing police investigation is in place.

The breach has raised concerns about other airlines in the Oneworld Alliance potentially being affected. However, Qantas has not confirmed any involvement of other airlines in the scandal. Despite the breach, the airline continues to assert that this wa

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.