LoyaltyLobby
  • News
  • Hotel Promos
    • Accor
    • Best Western
    • Radisson Rewards
    • Choice
    • Fairmont
    • Hilton
    • World of Hyatt
    • IHG Rewards
    • Marriott
    • Ritz-Carlton
    • Starwood
    • Wyndham Rewards
  • Reviews
  • Contact Us
  • Blog View
  •  
LoyaltyLobby
  • News
  • Hotel Promos
    • Accor
    • Best Western
    • Radisson Rewards
    • Choice
    • Fairmont
    • Hilton
    • World of Hyatt
    • IHG Rewards
    • Marriott
    • Ritz-Carlton
    • Starwood
    • Wyndham Rewards
  • Reviews
  • Contact Us
  • Blog View
  •  
LoyaltyLobby
No Result
View All Result
ADVERTISEMENT

Hacker Group Posting More TAP Air Portugal Data Leaks, Affecting 1.5 Million Customers & Corporate Information

by Sebastian Powell
September 20, 2022
Reading Time: 5 mins read
2

In late August, TAP Air Portugal was hacked by a group calling itself Ragnar Locker, and the company has apparently refused to cooperate with the intruders leading to a more extensive leak this week.

At first, the group released roughly 115,000 customer datasets which they extracted by exploiting a vulnerability in the carriers IT infrastructure but now it’s apparently 10 times as much.

In addition to the customer data, they now exposed confidential corporate documents about employees, partners as well as contract details with other carriers.

ADVERTISEMENT

TAP had never really confessed to being hacked, rather calling it a “system instability”.

The hack was first reported in early September by some newspapers and data security websites.

Securityweek wrote on September 1st:

The Ragnar Locker ransomware gang says it has exfiltrated customer data in a cyberattack on Portuguese state-owned flag carrier airline TAP Air Portugal.

The incident was initially disclosed on August 26, when TAP announced on Twitter that it managed to foil the cyberattack before the threat actor could access any customer data.

“TAP was the target of a cyberattack, now blocked. Operational integrity is guaranteed. No facts have been found that allow us to conclude that there has been improper access to customer data. The website and app still have some instability. Thank you for your understanding,” the company said.

On August 31, however, the Ragnar Locker ransomware gang boasted on their leaks website that the airline’s systems were in fact breached and that customer data was exfiltrated.

The threat actor also attempted to shame TAP, claiming that the data breach could result in the largest lawsuit in history, inferring that the personal information of at least hundreds of thousands of TAP customers was impacted in the incident.

The gang also posted a screenshot allegedly proving that data was indeed stolen during the cyberattack. The screenshot appears to include names, addresses, email addresses, phone numbers, corporate IDs, travel information, nationality, gender, and other personal information.

An alert that TAP published on its website on September 1 makes no mention of a data leak, but does inform customers that “the website and the app are still registering some instability.”

So far so good. We haven’t heard anything else in the last three weeks so one would have thought that’d be the end of it but apparently the hackers now entered round two.

Expresso Portugal reported today that the hackers tried to negotiate a ransom payment with the company but TAP wouldn’t have any of it and as a result, there are now 1.5 million customer datasets plus more of the company itself floating around on the dark web.

The cybercriminal group Ragnar Locker carried out the threat it had been making and this Monday published 581 gigabytes (GB) of data that it says relates to 1.5 million TAP customers. In a message published on the Dark Web, the Ragnar Lockers also guarantee that they continue to have access to TAP’s computer systems. In addition to the tables with addresses, telephone numbers and customer names, the data leak presents identification documents of people who appear to be professionals or partners of TAP, as well as confidential agreements with several companies and relationships with other airlines, confirmed the Express, after accessing the files.

“The most interesting thing is that they [TAP] have not yet resolved the vulnerabilities in the network itself and this type of incident could happen again. By the way, if anyone needs remote access to TAP Air [sic], let us know”, reads the end of the message that Ragnar Locker has just published on the Dark Web.

TAP has been working with the Judiciary Police, the National Cybersecurity Center and Microsoft with the aim of remedying the flaws that led to the leak of information. Contacted by Expresso, TAP responds that, “thanks to cybersecurity systems and the quick action of the in-house Information Technology team, the intrusion was contained at an early stage, before causing damage to operational processes. TAP’s operations are proceeding normally”, reiterates TAP, without commenting in detail on the allegation of remote access by the hackers. “We will therefore continue to take all necessary measures”, adds TAP on the cyberattack.

The publication of this second wave of data comes just over a week after the group specialized in asking for ransoms to unlock infected computers published on the Dark Web the data of 115 thousand customers and sensitive information from TAP professionals, as evidence of the files it managed to obtain. divert through alleged vulnerabilities in the carrier’s computer networks.

Expresso found that TAP did not accept the cybercriminals’ suggestion and did not negotiate the payment of a ransom to prevent the publication of the data – a retaliation that is recurrent when companies do not pay ransom to unlock infected computers, because they made backup copies that quickly arrange for systems to be replaced.

It’s hard to say what the right course of action is here and impossible to say without knowing specifics. On one hand it’s never good to pay any ransom as it opens the door to further extortion and who guarantees that the hackers are destroying the information they retrieved from TAP’s systems (highly unlikely)? Law enforcement typically tells affected entities that they shouldn’t pay any ransom.

That being said, the hack was only possible as the IT specialists exploited a hole in TAP’s security protocol and therefore the carrier should have probably taken some effort and avoid having all this information spread around even if they can’t be 100% certain that it can be kept under wraps.

This is the notice posted together with the large files available for download:

Not that I want to condone or excuse this criminal activity but it really seems like TAP hasn’t made any effort in correcting its security deficiencies ever since they first had knowledge of the breach.

As it became clear the company wouldn’t pay and also made no progress in plugging the hole the hackers just posted all the data on the dark web and as a result both consumer and corporate data is now in the open.

Conclusion

If you’re a TAP Air Portugal customer you might want to have a good look at your passwords and other confidential information associated with your TAP accounts such as the online portal and loyalty login. Passwords across the bench should be reset as your information is now most likely compromised as a result of both the hacker’s criminal energy as well as TAP’s incompetence to safeguard their database.

Given the rather relaxed approach TAP displayed here I can imagine them being indeed liable under the European data protection laws which can carry massive fines as companies such as British Airways already had to suffer from.

Previous Post

Airfare of the Day [Business Class] AMERICAN AIRLINES Milan to New York from 1,360€

Next Post

American Airlines Introduces New Business Class Seat – Flagship Suite

Related Articles

TAP Miles&Go Double Elite Qualifying Miles July 14 – September 30, 2022 (Book July 14 – 31)

TAP Cancels 1,316 Flights Due to Cabin Crew Strike January 25 – 31, 2023

John Ollila
January 19, 2023
10

TAP has indicated that it will cancel 1,316 flights affecting 160,000 passengers due to a cabin crew strike between January...

TAP Miles&Go Double Elite Qualifying Miles July 14 – September 30, 2022 (Book July 14 – 31)

Potential TAP Cabin Crew Strike January 25 – 31, 2023

John Ollila
January 12, 2023
8

There is more trouble brewing for TAP, the Portuguese flag carrier whose cabin crew last stroked for two days in...

Airfare of the Day [Business Class] TAP AIR PORTUGAL London to Cancun from £1,149

Airfare of the Day -Business Class- TAP AIR PORTUGAL London to Cancun from £1,149

Freddo Zabaleta
January 8, 2023

Today’s Airfare of the Day goes to TAP Air Portugal and their business class excursion fares valid for round trip...

Upgrade Your Travel IQ

Make the most of your travel with our free and daily newsletter with the latest hotel and airline news and promotions.

We do not sell or share email addresses.

ADVERTISEMENT

Trending

Hilton Go Employee And Friends & Family Rate Plans
Hilton Honors

Hilton Go Employee And Friends & Family Rate Plans

July 25, 2021
UPDATE: Hilton Honors “Tier Last Call 2023 Promotion – Fast Track“ January 1 – March 31, 2023 (Updated Links )
Hilton Honors

UPDATE: Hilton Honors “Tier Last Call 2023 Promotion – Fast Track“ January 1 – March 31, 2023 (Updated Links )

January 26, 2023
Japan Entry Experience Through Sapporo’s New Chitose Airport January 2023
Travel News

Japan Entry Experience Through Sapporo’s New Chitose Airport January 2023

January 25, 2023
German Members Of Parliament No Longer Receive Complimentary Lufthansa Senator Status As Of This Year
Lufthansa - Miles & More

Lufthansa Miles&More Offers One Year Senator Extensions For 1400 Euro, Free In Greater China

January 26, 2023
Hilton 25% Off Airline Staff Rate Plan
Hilton Honors

Hilton 25% Off Airline Staff Rate Plan

January 26, 2023

Top Categories

  • IHG Rewards Club
  • Marriott Bonvoy
  • Hilton Honors
  • Accor ALL
  • Airfare Of The Day
  • Starwood Preferred Guest (SPG)
  • Hyatt – World of Hyatt
  • Travel News
  • American Airlines – AAdvantage
  • British Airways
ADVERTISEMENT

All Categories

In Case You Missed It

REGISTER: Hilton Honors “Tier Last Call 2023 Promotion – Fast Track“ January 1 – March 31, 2023

REGISTER: Hilton Honors “Tier Last Call 2023 Promotion – Fast Track“ January 1 – March 31, 2023

January 23, 2023
Reader Email: Missed Connection On Separate Tickets – Trip To Iceland Lost?

Reader Email: Missed Connection On Separate Tickets – Trip To Iceland Lost?

January 24, 2023
Hilton Honors 5,000 & 10,000 Points Per Night Hotels (July 2021)

Reader Emails: Too Few Nights Rolled Over Form 2022 To 2023?

January 24, 2023
Qatar Airways Up To 10% Off Through June 30, 2022 (Book By December 15)

Qatar Airways Up To 25% Off “Thank You Offer” (Book By April 9)

January 23, 2023
GHA Now Allows Transferring Of Discovery Dollars Between Member Accounts

GHA Now Allows Transferring Of Discovery Dollars Between Member Accounts

January 24, 2023
ADVERTISEMENT

Since 2011, we have been helping millions of visitors like you untangle travel loyalty programs for free upgrades, flights and hotel nights.

Facebook Twitter Youtube Instagram

Site Navigation

  • About LoyaltyLobby
  • News
  • Reviews
  • Airfares
  • Contact Us

Hotel Promotions

  • Accor
  • Hilton
  • IHG Rewards
  • Marriott
  • World of Hyatt

Sign Up For Our Newsletter

Our free daily newsletter sends you the latest information on hotel and airline programs.

We do not share or sell email addresses.

Site & Contents ©2011-2023 LoyaltyLobby.com
Terms of Use & Privacy Policy

  • News
  • Hotel Promotions
    • Accor
    • Best Western
    • Choice
    • Fairmont
    • Hilton
    • IHG Rewards
    • Marriott
    • Radisson Rewards
    • Ritz-Carlton
    • Starwood
    • World of Hyatt
    • Wyndham Rewards
  • Reviews
  • Contact Us
  • Blog View
No Result
View All Result

© 2011–2023 LoyaltyLobby.com - Site & Contents