Qantas begins updating customers on their personal data that was compromised
Qantas passengers should expect communication from the airline from today as it’s been revealed how many were impacted by the mass cyber attack.
Qantas has revealed the number of customers impacted by the mass cyber incident, with millions to be contacted by the airline from today with specifics on which of their personal data was compromised.
The national carrier confirmed a cyber criminal targeted a call centre based in Manila in the Philippines and gained access to a third-party customer servicing platform used by the airline.
Customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers were stolen.
Qantas CEO Vanessa Hudson said on Wednesday the airline’s focus following the incident has been to understand what data has been compromised for each of the 5.7 million impacted customers and to share this with them as soon as possible.
“From today we are reaching out to customers to notify them of the specific personal data fields that were held in the compromised system and offer advice on how they can access the necessary support services,” Ms Hudson said.
The airline said after removing duplicate records, its investigation found that there were 5.7 million unique customers’ data held in the system.
Customers impacted will also be notified on how to protect themselves moving forward.
The airline disclosed around 1.2 million customer records contained name and email address and 2.8 million customer records contained name, email address and Qantas Frequent Flyer number.
“The majority of these also had tier included. A smaller subset of these had points balance and status credits included,” the latest statement read.
The airline noted that the records of the remaining 1.7 million customers included a combination of some of the data fields above and one or more of the following:
– Address – 1.3 million. This is a combination of residential addresses and business addresses including hotels for misplaced baggage delivery.
– Date of birth – 1.1 million
– Phone number (mobile, landline and/or business) – 900,000
– Gender – 400,000. This is separate to other gender identifiers like name and salutation.
– Meal preferences – 10,000
Ms Hudson said since the incident, they have put in place a number of additional cyber security measures “to further protect our customers’ data, and are continuing to review what happened”.
“We remain in constant contact with the National Cyber Security Coordinator, Australian Cyber Security Centre and the Australian Federal Police. I would like to thank the various agencies and the Federal Government for their continued support.”
Meanwhile, the airline said in a statement on Monday that “a potential cybercriminal has made contact” but it would not disclose if a ransom was being sought.
“As this is a criminal matter, we have engaged the Australian Federal Police and won’t be commenting any further on the detail of the contact,” a Qantas spokesperson said.
Qantas said it was working with cybersecurity experts “to validate” the authenticity of the communication.
“There is no evidence that any personal data stolen from Qantas has been released but, with the support of specialist cybersecurity experts, we continue to actively monitor,” the airline said.
The airline has reiterated that personal information such as credit card, passport and financial details was not stored in the system in question.
“There continues to be no impact to Qantas Frequent Flyer accounts. Passwords, PINs and login details were not accessed or compromised. The data that was compromised is not enough to gain access to these frequent flyer accounts,” the airline said.