Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal

2 years ago 119
BOOK THIS SPACE FOR AD
ARTICLE AD

The Ragnar Locker ransomware gang claims to have hacked the Portuguese state-owned flag carrier airline TAP Air Portugal and stolen customers’ data.

The Ragnar Locker ransomware added the Portuguese state-owned flag carrier airline TAP Air Portugal to its leak site and claims to have stolen customers’ data.

Tap Air Portugal

On August 26, the Portugues company announced via Twitter that it was hit by a cyber attack and that it was able to neutralize it.

TAP was the target of a cyber-attack, now blocked. Operational integrity is guaranteed. No facts have been found that allow us to conclude that there has been improper access to customer data. The website and app still have some instability. Thank you for your understanding. pic.twitter.com/zQASbpNtXx

— TAP Air Portugal (@tapairportugal) August 26, 2022

Despite the message, some users were not able to access their accounts on the company website.

Hello Ryan,
we inform you that due to the cyber attack, that we had suffered yesterday, the website and the app still have some instability. We kindly ask you to access to your account later.
In the meantime, if further assistance is needed, please let us know.

— TAP Air Portugal (@tapairportugal) August 26, 2022

On August 31, the Ragnar Locker ransomware gang announced to have breached the airline’s infrastructure and exfiltrated the data of its customers.

“Several days ago Tap Air Portugal made a press-release where they claimed with confidence that they successfully repelled the cyber attack and no data was compromised (but we do have some reasons to believe that hundreds of Gigabytes might be compromised).” reads the message published by the gang on its leak site. “Now try to guess what happens if someone (guess who?) will provide the huge amount of irrefutable evidence, which will shows that official statement of Tap Air – is not true. The incident that occurred with them on Friday – in terms of the compromised personal data scale, it exceeds even the incident with company Easy jet.”

The ransomware group published screenshots of the stolen data, which allegedly includes names, addresses, email addresses, phone numbers, corporate IDs, travel information, nationality, gender, and other personal information.

At the time of this writing, the company only published an alert about the website and app instability on its website on September without mentioning the data breach.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, TAP Air Portugal)




Read Entire Article