Posted May 1, 2024 by Pelican Press

Australia’s Qantas apologises for mobile app data breach

Australian flag carrier Qantas has apologised to fliers after a glitch in its mobile application temporarily enabled some customers to view the flights and booking details of other frequent fliers on two separate occasions.

The airline said that no financial information was exposed, and nor were any users able to transfer or use frequent flier points belonging to others. Additionally, nobody was able to board a flight using another customer’s boarding pass – and nor was this attempted.

“We sincerely apologise to customers impacted by the issue with the Qantas app this morning, which has now been resolved,” the airline said. “Current investigations indicate that it was caused by a technology issue and may have been related to recent system changes. At this stage, there is no indication of a cyber security incident.”

The problem first surfaced shortly before 9am in Australia on 1 May 2024 (12am BST) and multiple users reported suddenly being able to view, and apparently amend, the bookings of others. The issue was resolved by 7.50am BST. It is unknown how many, if any, UK citizens or residents were impacted.

Although Qantas has stated that the incident was not the result of direct interference from threat actors, the incident certainly constitutes a serious data breach, and it is possible that had someone with malicious intent accessed the data of another, they could have used it in a follow-on cyber attack against that individual. The airline has advised fliers to be alert to the possibility of scams and fraud.

Ted Miracco, CEO of a mobile application security specialist, said that as such, the incident was highly concerning.
“The problem described suggests a significant issue with how user sessions and data are being handled within the app. The application programming interface (API) is incorrectly processing or validating session tokens, leading to unauthorised access to data.

“The exposure of such personal information, including booking details, frequent flyer numbers, and boarding passes, poses serious risks and liability. The data could be used for identity theft, phishing scams, or unauthorised access to further personal information.

“Such a breach should have significant legal and compliance implications, particularly under data protection regulations like the Australian Privacy Act (APA) or GDPR, if any EU citizens are affected, or other local privacy laws, depending on the nationality of the affected passengers,” he added.

API security has become a big issue thanks to the ubiquity of APIs, usage of which is growing at about 200% every single year. There are few pieces of code written in recent years that do not in some way expose or consume an API, and thanks to their mission criticality, dispersed nature, and tendency to bring developers and security teams into conflict, they have become a major attack vector for cyber criminals.

Indeed, one of the most significant cyber attacks of recent years to have exploited APIs was a 2022 incident affecting another Australian organisation, telco Optus, which exposed the data of millions of customers.

System changes

If the incident did indeed arise following a botched system change, Qantas joins a growing list of organisations to have experienced similar issues in recent weeks. In March 2024, a number of prominent names on the UK high street, including fast food chain McDonald’s and the Nationwide building society, experienced significant outages after mistakes were made during routine upgrade work.