Portugal’s national airline TAP Air Portugal says hackers obtained the personal data of some of its customers and have published the information on the dark web. No payment data was taken in the cyberattack, the flag carrier said in a statement late Wednesday.
The attack began almost a month ago and is being investigated by Portuguese authorities, with the help of specialists from Microsoft. The hackers obtained the name, nationality, sex, date of birth and address, email and telephone contact details, the airline said, without TAP elaborating.
Portuguese newspaper Expresso said a hacker group called Ragnar Locker was offering the information of 1.5 million TAP Air Portugal customers on the dark web.
It was subsequently reported that Portugal's President Rebelo de Sousa, alongside MPs, government staff and security forces, are among the clients of state-owned airline TAP whose data has been stolen. The flagship carrier had stated the day before, that hackers had stolen some of their customers' personal data and published it on the dark web, although the state-owned airline said all payment details seemed safe.
In a letter to customers, TAP claimed that the cyber-attack last month obtained from its servers: people's names, nationalities, email and home addresses, phone contacts and frequent flier numbers. "The release of the personal data via open sources could increase the risk of their illegal use, namely aimed at obtaining other data that could compromise the digital systems in fraudulent attempts such as phishing," TAP stated. "There are no signs that any payments data have been retrieved from TAP systems," it said.
TAP also claimed it had taken immediate containment measures to keep its systems working and to protect other data. The Portuguese airline has not disclosed the number of affected clients, which local media estimate as being around 1.5 million. The military has also been targeted.
TAP again urged customers to be careful of unsolicited contacts requesting personal information, and told them not to click on links and attachments in suspicious emails. It also recommended changing passwords to stronger ones and said it would abstain from further contact with individual clients about the issue to avoid confusion.
The TAP CEO told reporters the airline was "very serious about client data" and said the incident was upsetting.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs. com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance. org/
- Website: https://www. wapacklabs. com/
- LinkedIn: https://www. linkedin. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
Comments