Maurice Blackburn has initiated a compensation process for nearly six million Qantas customers affected by a significant data breach that occurred on June 30. The complaint has been lodged with the Office of the Australian Information Commissioner (OAIC), claiming that Qantas inadequately protected personal information.
The breach originated in Manila at one of Qantas’ call centres, where a cybercriminal accessed a third-party customer service platform containing sensitive data on approximately 5.7 million customers. Maurice Blackburn’s principal lawyer, Elizabeth O’Shea, emphasised the need for Qantas to be held accountable for its failure to safeguard customer information.
O’Shea stated that customers impacted by the breach should register to receive updates regarding the complaint and potential compensation. She noted the registration is free and non-binding, encouraging individuals to take action to protect their rights.
In response to the unfolding situation, Qantas successfully secured an interim injunction from the NSW Supreme Court to prevent the publication of the stolen data. The airline has made it clear that they are taking measures to protect their customers’ information, although there remains no evidence that the stolen data has been released publicly. Qantas continues to monitor the situation with the aid of cybersecurity specialists.
The extent of the breach’s impact is concerning, with 4 million customers’ names, email addresses, and frequent flyer information compromised. Additionally, of the remaining 1.7 million particulars, approximately 1.3 million had their residential and business addresses exposed, 1.1 million had date of birth information compromised, 900,000 had phone numbers leaked, 400,000 had gender details revealed, and 10,000 had meal preferences disclosed. Importantly, no financial or passport information was included in the breach.
Customers are urged to stay alert for potential scams related to this breach and are advised to report any suspicious activities to Scamwatch as a precautionary measure.
In conclusion, the response to this data breach raises significant questions about data protection measures at major corporations, underscoring the importance of safeguarding personal information in an increasingly digital world.
