More than 800 Qantas customers may have been affected by a cyber fraud incident in which contractors in India reportedly tried to redirect frequent flyer points.
The incident occurred over several weeks between July and August 2024 but was officially confirmed by the airline on October 7, 2024.
Two contractors working for Air India SATS company, which provides ground and cargo services for five major airports in India, have been suspended from their positions.
The two men are accused of attempting to access and make unauthorized changes to customer bookings without permission, trying to move points to accounts they managed.
Additionally, the contractors are accused of accessing customer booking details, including passport information. The changes were made through external airline booking systems, not Qantas ‘Manage Your Booking’ or Qantas Frequent Flyer systems.
In an emailed statement to AeroTime, a Qantas spokesperson apologized to the customers for the “fraudulent activity” and said the incident had impacted several airlines.
“As soon as we became aware of this, we worked closely with our airline partners to secure their systems to prevent this issue from happening again,” Qantas said. “This was not a cyber hack or data theft, but a case of two rogue employees of one of our suppliers abusing their position to fraudulently steal frequent flyer points.”
The spokesperson stated that customers’ points and status credits have been restored. The airline also stated that none of the current bookings have been affected. The Indian police are still investigating the case.
The article was updated with a statement from Qantas.