"Qantas App Exposed Sensitive Traveler Details to Random Users"
Qantas Airways recently announced that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. Qantas is Australia's flag carrier and the largest airline by fleet size, operating 125 aircraft and serving 104 destinations. Qantas has 23,500 employees and an annual revenue of almost $12.9 billion. The company says that several users of the Qantas app reported on social media that they could view other users' travel details, including personally identifiable information, boarding passes for upcoming flights, and other account information. The airline recommended that customers log out from their "Frequent Flyer" account on the Qantas app and remain vigilant about scams on social media. In another update, the company announced that it solved the issue and confirmed that a cyberattack didn't cause the incident. The company says that the problem was isolated to the Qantas app, with some frequent flyers able to see the travel information of other customers, including name, upcoming flight details, points balance, and status. The company noted that no further personal or financial information was shared, and customers would not have been able to transfer or use the Qantas Points of other frequent flyers.
BleepingComputer reports: "Qantas App Exposed Sensitive Traveler Details to Random Users"