While the airline is still determining how much data was stolen, it said it expected the volume to be “significant”.
The compromised data includes names, email addresses, phone numbers, dates of birth and frequent flyer numbers.
Credit card and passport details were not held within the attacked platform and remain secure.
Qantas says it detected some “unusual activity” on a third party platform used by a Qantas call centre on Monday, which led to the discovery of the cyber breach. It says “the system is now contained” and additional security has been put in place.
“We sincerely apologise to our customers and we recognise the uncertainty this will cause,” said Qantas Group’s CEO, Vanessa Hudson.
“Our customers trust us with their personal information and we take that responsibility seriously.
“We are contacting our customers today and our focus is on providing them with the necessary support.
“We are working closely with the Federal Government’s National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts.”
Qantas has set up a dedicated customer support line in response to the breach and has also informed the Australian Federal Police of the incident.
