QANTAS: Customers can access other passengers’ information on app
Social media is flooded with reports that Qantas customers are receiving other people’s boarding passes for flights the user didn’t book on their smartphone app. The app was updated overnight. Qantas has responded by asking all app users to log out and log back in.
The latest update from Qantas indicates that there is no current indication of a ‘cyber security incident’ says a Qantas Responds statement. Qantas states that:
“Customers would not have been able to transfer or use the Qantas Points of other frequent flyers. We’re not aware of any customers travelling with incorrect boarding passes.”
Qantas Responds statement
PREVIOUSLY
Just before 9am people began to report that they could see other passenger details and boarding passes. There were even claims that users could change someone else’s seat assignment and access their frequent flyer points to transfer.
This tends to indicate a security issue. The size and extent of the problem is not yet clear. also not clear is whether it is an internal issue with Qantas technology, or the result of some external interference. Qantas has not ruled this out.
We are yet to understand the effect of the issue on passengers, boarding and ticketing systems. It is most likely someone failed to do something internally to maintain security in the App update.
Here is a video posted on social media illustrating the issue:
Content of this Post:
Invitation to scammers
It is being reported that multiple posters on Twitter/X about the issue are receiving responses from automated scammer accounts purporting to be from Qantas Customer Service, requesting customers to send personal information via Direct Message. These messages should be ignored.
Examples demonstrate that data including names, contact, frequent flyer points and status credits and QR codes of boarding passes, it looks like the consequences of this snafu might be extensive.
Paper boarding passes may need to be re-issued for all passengers over the next day or so, which will have knock on effects at departure gates, given that Qantas has largely eliminated service desks in its terminals. Expect added congestion at Qantas Lounges which are likely to become service hubs.
Less immediate but potentially more impactful will be the potential interference with Qantas frequent flyer accounts. This could affect members’ loyalty balances, status credits and even create issues at departure gates. Qantas will also need to investigate any potential interference with customers’ accounts, which could extend to flight cancellations or reward points expenditure and future bookings.
It’s also an open invitation for scammers to impersonate Qantas on social media, and for future phishing email campaigns.
It’s best to take the advice of Qantas below, and log out, and restart the app.
Qantas responds
Qantas has issued a couple of statements this morning:
UPDATE THREE – 12.10PM, 1 MAY 2024
We sincerely apologise to customers impacted by the issue with the Qantas app this morning, which has now been resolved.
Current investigations indicate that it was caused by a technology issue and may have been related to recent system changes.
At this stage, there is no indication of a cyber security incident.
The issue was isolated to the Qantas app with some frequent flyers able to see the travel information of other customers, including name, upcoming flight details, points balance and status.
No further personal or financial information was shared and customers would not have been able to transfer or use the Qantas Points of other frequent flyers. We’re not aware of any customers travelling with incorrect boarding passes.
UPDATE TWO – 10.15AM, 1 MAY 2024
We’re urgently working to resolve the issue impacting the Qantas app this morning and we sincerely apologise to our customers who have been impacted.
We’re investigating whether this issue may have been caused by recent system changes.
We recommend that customers log out and log in to their Qantas Frequent Flyer account on the Qantas App. Please also be aware of social media scams at this time.
We’ll continue to provide more information as soon as we can.
UPDATE ONE – 9AM AEST, 1 MAY 2024
Qantas is investigating reports of an issue impacting the Qantas app this morning.
We will provide more information as soon as possible.
Qantas Responds
Catriona Larritt, Chief Customer and Digital Officer, Qantas Group, who is responsible for ‘ the end-to-end customer experience, both digitally and physically, as well as brand, marketing and technology,’ who only started 6 months ago in September 2023, will be having a busy, long day today.
2PAXfly Takeout
It’s likely this is an unintended consequence of an ‘upgrade’ to the app earlier this morning.
It shouldn’t happen, but it does. It just suggests that the Qantas pre-testing regime of tech updates is not up to par. Qantas still seems to have a long way to go with the security, reliability and abilities of its app and website. It has now fallen way behind other leading international airlines.
Vanessa Hudson, the new CEO does not need this particular headache, and neither does.
If you are going to use your customers as your programming update quality control analysts, you ought to pay them.
Thanks for your comment Dave. I agree. Full disclosure, I once got paid to do some one-on-one research for Qantas. Never filled in a feedback form after that.