The Office of the Australian Information Commissioner (OAIC) has been advised by Qantas that a cyber incident occurred in one of its contact centres, impacting customer data.
Entities in these circumstances must act swiftly to assess whether there has been an eligible data breach. The entity is required to provide formal notification to the OAIC of an eligible data breach. Entities have up to 30 days to provide this notification to the OAIC.
Read more information about the Notifiable Data Breachs scheme.
Individuals impacted by notifiable data breaches can find information on our website about data breach support and resources and responding to a data breach notification.