The concerning incident was detected by the national carrier on Monday, after “unusual activity” on a third party platform used by Qantas was detected.

While the airline says the “system is now contained”, some six million customers have service records in this platform and therefore could be impacted.

It is understood the incident occurred when a cyber criminal targeted a call centre, based in Manila in the Philippines, and gained access to a third party customer servicing platform.

In a statement, Qantas CEO Vanessa Hudson “sincerely” apologised to customers for the breach.

“We sincerely apologise to our customers and we recognise the uncertainty this will cause,” she said.

“Our customers trust us with their personal information and we take that responsibility seriously.

“We are contacting our customers today and our focus is on providing them with the necessary support.”

Ms Hudson said the airline is “working closely with the Federal Government’s National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts” through this period.

The airline said an initial review has confirmed the data breach includes some customers’ names, email addresses, phone numbers, birth dates and frequent flyer numbers.

However, credit card details, personal financial information and passport details are not held in this system and are not impacted. The airline said no frequent flyer accounts were compromised nor have passwords, PIN numbers or log in details been accessed. Qantas’ operations or the safety of the airline has also not been impacted.

“Breaches don’t come bigger than this”

Speaking to news.com.au, Finder’s Editor-at-large Angus Kidman said “breaches don’t come much bigger than this”.

“More than 16 million people are members of Qantas Frequent Flyer, and Finder research shows that 35 per cent of Australians actively collect Qantas Points,” he said.

“My top piece of advice after this incident is to make sure you’re regularly checking your frequent flyer points balance. Since frequent flyer numbers were leaked, scammers may try to use that for bogus rewards bookings or other redemptions.

“Qantas says no passwords were leaked, but I’ll still be checking my own balance regularly over the next few weeks.”

Mr Kidman said “points are like cash” so customers involved will need to keep a careful eye on their balance.

“Qantas’ security systems for logging in are quite robust, with two-factor authentication enforced, so hopefully the impacts on individuals will be minimal,” he said,

“But it’s a stark reminder that no business is immune from breaches, no matter how large.”

Mr Kidman said while Qantas has advised that alongside a dedicated support line, customers should be wary of scammers taking the opportunity of sending fake messages to take advantage of that.

“Be very cautious with any communications you receive and check the sender details carefully,” he said.

“Don’t click any links – contact Qantas by phone if you do receive a message.”

Editor of Executive Traveller David Flynn told news.com.au that Qantas are not alone in the breach, with banks, telcos and other large companies with extensive customer databases caught out in attacks in recent years.

“I don’t believe this should impact confidence in the Qantas brand, although I’m sure the airline will be looking at ways to further strengthen its cyberdefenses,” Mr Flynn said.

“Although as many as six million customers have had their frequent flyer account numbers leaked, their unique account passwords and PINs – which are needed to access those Qantas Points – appear to be safe.

“There appears to be reduced risk of identity theft, given that passport details were not accessed. But armed with email addresses and birthdates, some hackers could conceivably access private email accounts if the password isn’t sufficiently secure.”

Customers impacted by the breach can contact the airline’s dedicated support line on 1800 971 541.