The airline’s “forensic analysis” of the data breach confirmed that no credit card details, personal financial information or passport details were compromised.

On Monday the airline said “a potential cyber criminal has made contact” but declined to say if it had received a ransom demand.

Cyber experts said this was likely because so far no details secured from the “vishing” attack on a Manila call centre have surfaced on the dark web.

Qantas chief executive Vanessa Hudson has been quick to reassure customers that there has been no impact to Qantas Frequent Flyer Accounts, passwords, PINs or login details.

“Our absolute focus since the incident has been to understand what data has been compromised for each of the 5.7 million impacted customers and to share this with them as soon as possible,” she said.

“From today we are reaching out to customers to notify them of the specific personal data fields that were held in the compromised system and offer advice on how they can access the necessary support services.”

Qantas said the name, email address and frequent flyer number of four million customers had been hacked.

Almost two million customers had a combination of their address, date of birth, phone number and gender accessed by the hackers. They also collected the meal preferences of 10,000 frequent flyers.

Qantas is now beginning to email the affected customers to tell them what was taken and to urge them to be alert to any email, text or telephone call claiming to be from Qantas.

“Since the incident, we have put in place a number of additional cyber security measures to further protect our customers’ data, and are continuing to review what happened,” Ms Hudson said.

“We remain in constant contact with the National Cyber Security Coordinator, Australian Cyber Security Centre and the Australian Federal Police. I would like to thank the various agencies and the Federal Government for their continued support.”

Customers can continue to access the dedicated support line on 1800 971 541 or +61 2 8028 0534.

QANTAS HELD TO RANSOM?

Cyber experts believe Qantas has been issued with a ransom demand to secure the data of six million passengers hacked from its computer system last week.

The airline confirmed on Monday night that “a potential cyber criminal has made contact” and that it was working with the Australian Federal Police and would not comment further.

Cyber crime expert Professor Richard Buckland from the University of NSW said it was “extremely likely” the airline had been contacted with a ransom demand.

“They have probably been contacted by someone who has shown them a copy of what they have taken,” he said. “I assume they have contacted them with a ransom demand, why else would they contact them?

“No one has been able to find any of the stolen information on the dark web so it has not been published yet.”

The breach came after the FBI in America warned airlines that a cyber criminal gang known as Scattered Spider was targeting airlines. WestJet and Hawaiian Airlines in the US had already been breached.

This week Facebook users began to post that their Alaska Airlines, which owns Hawaiian Airlines, frequent flyer accounts had been hacked and their points stolen.

One member of the Award Travel by Roame frequent flyer group posted “I just got stolen 200k+miles from Alaska” and included a screenshot of his looted account.

Prof Buckland said the information stolen from Qantas which included frequent flyer numbers, email addresses, dates of birth and phone numbers left Australian passengers open to similar attacks.

“It is absolutely quite possible they will target points,” Prof Buckland said. “Many people use phone numbers and birthdays in their passwords which makes them vulnerable.”

Jetstar has this week been sending out legitimate emails to customers about a temporary check-in and security screening point at Brisbane Airport due to major upgrades and referring passengers to a web link.

“It’s crazy, Jetstar should not be sending this out particularly at this time,” Prof Buckland said.

“This is exactly what a scammer would be doing,” he said. “Asking people to click on a link to confirm a booking and then redirecting them to a bogus site. I would be very wary of clicking on anything right now.”

And checks by The Daily Telegraph indicate that scammers could already be on the case with one frequent flyer with no flights booked apparently receiving the Jetstar text. When the customer contacted the Qantas cyber security team set up in response to the hack he was told they “could not confirm the link was genuine”.

A Jetstar spokesman said the texts were completely unrelated to the Qantas cyber issue: “I can confirm we are sending these text messages to customers travelling to Brisbane during the works period,” he said.

Originally published as Cyber experts say hackers likely gave Qantas a ransom demand